If you’re new to Kubernetes and still trying to wrap your head around how the whole thing works, let alone how to keep it secure, this Certification is for you! We’ll walk through all of the facets of Kubernetes security Specialist and explain to easily pass the exam, as well as best practices for Kubernetes security Specialists.
Security is the most essential thing in any industry. And when it comes to securing Kubernetes, is an extremely complicated task. Kubernetes is a complex system that consists of different components and elements including docker containers and other components. It has been built with the goal of being highly scalable, highly available, and easy to use, which makes it very popular among organizations all over the world. Kubernetes are not as simple as securing a server or installing security tools or enabling firewalls.
But as with any complex system, Kubernetes requires constant attention to keep it secure. Kubernetes security is not just about securing the Kubernetes components themselves. It requires you to secure various layers and services within a Kubernetes cluster. For example, secure Kubernetes nodes, networks, pods, data, and so on.
Note:- CKA Certification must be active (non-expired) when the CKS exam (including Retakes) is scheduled.
Domains & Competencies
Cluster Setup 10%
Cluster Hardening 15%
System Hardening 15%
Minimize Microservice Vulnerabilities 20%
Supply Chain Security 20%
Monitoring, Logging, and Runtime Security 20%
Exam Details
Name: Certified Kubernetes Security Specialist | Code: CKS |
Duration: 120 Minutes | Format: Scenario-based |
Type: Security | Number of Questions: 15-20 tasks? |
Passing Score: 67% or above | Fee: 395 USD |
Language: English, Simplified Chinese, and Japanese | Validity: 2 years |
Retake: One free retake | Prerequisite: CKA Certification Active (non-expired) |
Provider: CNCF | Is Proctored: Yes |
Training: optional | Center: PSI |
Exam Preparation
This is an online performance-based exam that requires you to solve multiple tasks from a command line running Kubernetes. You get two hours to finish the tasks.
Prior to taking the Certified Kubernetes Security Specialist (CKS) exam, you must have taken and passed the Certified Kubernetes Administrator (CKA) exam.CKS can be purchased but cannot be scheduled until CKA certification is obtained.CKA Certification must be current (not expired) on the date of the CKS exam (including retakes). CKA Certificate is valid for 3 years so you get enough time for CKS.
CKS is harder than the other two K8s exams. Although many exam takers say you can easily complete CKS if you have cleared CKA and CKD before. We recommend getting any training for the exam preferably those training who provide you lab access also. Training from the Linux Foundation is also very good but lacks lab features.
Once you purchase the CKS exam, you get two simulator sessions available. The simulator is similar to the real exam and feels like appearing for the real exam. Usually, the simulator is harder than the actual exam. But it’s really good for your practice and gives you exam like environment. Attempt the simulator once you feel ready for the exam. Take the experience of the first simulator to the next session and try to complete the exam before 2 hours. your exam environment will be up for 36 hours, even after your exam is finished. This is very useful to check those answers which you have not done well.
Once you register for the Certified Kubernetes Security Specialist (CKS) exam you will be given two attempts (one per exam registration) on an exam simulator provided by Killer.sh.
The current exam is built on Kubernetes version 1.24.
Within 4 to 8 weeks of the K8s release date, the CKS exam environment will be aligned with the most recent K8s minor version.
Exam Tips and Tricks
- During the exam, speed really matters. follow the below tips from previous exam takers which will surely help you to pass the exam.
- This is an online exam and is proctored. you make sure you have the proper setup to share screen, webcam, and microphone.
- you are allowed to open 2 tabs one exam screen and one Kubernetes official document page.
- Start by solving easy questions first that you are sure you can solve quickly.
- Remember or note down the question and its score that you have completed it will help you to reach a passing score on time.
- Use the command line as much as possible to create some alias for frequent commands it will help you to save time. Also, use the command given in each question to switch to the root else you may run your command inside of any wrong cluster.
- If you find any tricky question, flag it (there is a button to flag tasks) or make a note in the built-in notepad.
Link to register for the Certified Kubernetes Security Specialist exam.
Best of luck with the exam!