Thank you for sending your enquiry! One of our team members will contact you shortly.
Thank you for sending your booking! One of our team members will contact you shortly.
Course Outline
Introduction
- Linux Foundation
- Training from the Linux Foundation
- Certifications offered by the Linux Foundation
- Digital Badges for Certification
- Laboratory Exercises, Solutions, and Resources
- E-Learning Course: LFS260
- Distribution Details
- Laboratory Sessions
Cloud Security Overview
- Multiple Projects for Government
- Definition of Security
- Risk Assessment
- Preventive Measures
- Detection Mechanisms
- Incident Response
- Classes of Attackers
- Types of Attacks
- Attack Surfaces
- Hardware and Firmware Security Considerations
- Security Agencies and Standards
- Managing External Access
- Laboratory Sessions
Preparing to Install
- Image Supply Chain Security
- Runtime Sandbox Configuration
- Verifying Platform Binaries
- Minimizing Access to the Graphical User Interface
- Policy-Based Control Implementation
- Laboratory Sessions
Installing the Cluster
- Updating Kubernetes for Government
- Tools to Enhance Kernel Security
- Examples of Kernel Hardening
- Mitigating Kernel Vulnerabilities
- Laboratory Sessions
Securing the kube-apiserver
- Restricting Access to the API
- Enabling Kube-apiserver Auditing
- Configuring Role-Based Access Control (RBAC)
- Pod Security Policies
- Minimizing Identity and Access Management (IAM) Roles
- Protecting the etcd Database
- CIS Benchmark Compliance
- Using Service Accounts for Secure Authentication
- Laboratory Sessions
Networking
- Firewall Basics
- Network Plugins for Government
- iptables Configuration
- Mitigating Brute Force Login Attempts
- Netfilter Rule Management
- Netfilter Implementation
- nft Concepts and Usage
- Ingress Object Configuration
- Pod-to-Pod Encryption for Secure Communication
- Restricting Cluster-Level Access
- Laboratory Sessions
Workload Considerations
- Minimizing the Base Image Size
- Static Analysis of Workloads for Security
- Runtime Analysis of Workloads for Anomalies
- Ensuring Container Immutability
- Mandatory Access Control Implementation
- SELinux Configuration
- AppArmor Usage
- Generating AppArmor Profiles
- Laboratory Sessions
Issue Detection
- Understanding Phases of an Attack
- Preparation for Security Incidents
- Understanding Attack Progression
- Incident Handling During an Event
- Post-Incident Handling and Analysis
- Intrusion Detection Systems (IDS)
- Threat Detection Techniques
- Behavioral Analytics for Security
- Laboratory Sessions
Domain Reviews
- Preparing for the Certified Kubernetes Security (CKS) Exam
Requirements
Participants should possess Linux administration skills, including proficiency with the command line. They must be able to edit files using a command-line text editor and have a foundational understanding of security principles.
Audience
This course is designed for individuals who hold a CKA certification and are interested in or responsible for cloud security, particularly for government applications.
Experience Level: Intermediate
28 Hours
Testimonials (1)
experienced trainer
