Course Outline

Introduction

  • Linux Foundation
  • Linux Foundation Training
  • Linux Foundation Certifications
  • Linux Foundation Digital Badges
  • Laboratory Exercises, Solutions and Resources
  • E-Learning Course: LFS260
  • Distribution Details
  • Labs

Cloud Security Overview

  • Multiple Projects
  • What is Security?
  • Assessment
  • Prevention
  • Detection
  • Reaction
  • Classes of Attackers
  • Types of Attacks
  • Attack Surfaces
  • Hardware and Firmware Considerations
  • Security Agencies
  • Manage External Access
  • Labs

Preparing to Install

  • Image Supply Chain
  • Runtime Sandbox
  • Verify Platform Binaries
  • Minimize Access to GUI
  • Policy Based Control
  • Labs

Installing the Cluster

  • Update Kubernetes
  • Tools to Harden the Kernel
  • Kernel Hardening Examples
  • Mitigating Kernel Vulnerabilities
  • Labs

Securing the kube-apiserver

  • Restrict Access to API
  • Enable Kube-apiserver Auditing
  • Configuring RBAC
  • Pod Security Policies
  • Minimize IAM Roles
  • Protecting etcd
  • CIS Benchmark
  • Using Service Accounts
  • Labs

Networking

  • Firewalling Basics
  • Network Plugins
  • iptables
  • Mitigate Brute Force Login Attempts
  • Netfilter rule management
  • Netfilter Implementation
  • nft Concepts
  • Ingress Objects
  • Pod to Pod Encryption
  • Restrict Cluster Level Access
  • Labs

Workload Considerations

  • Minimize Base Image
  • Static Analysis of Workloads
  • Runtime Analysis of Workloads
  • Container Immutability
  • Mandatory Access Control
  • SELinux
  • AppArmor
  • Generate AppArmor Profiles
  • Labs

Issue Detection

  • Understanding Phases of Attack
  • Preparation
  • Understanding an Attack Progression
  • During an Incident
  • Handling Incident Aftermath
  • Intrusion Detection Systems
  • Threat Detection
  • Behavioral Analytics
  • Labs

Domain Reviews

  • Preparing for the Exam - CKS

Requirements

Participants should have an understanding of Linux administration skills, comfortable using the command line. Must be able to edit files using a command-line text editor. Basic security knowledge.

Audience

This course is ideal for anyone holding a CKA certification and interested in or responsible for cloud security.

Experience Level: Intermediate

 28 Hours

Delivery Options

Private Group Training

Our identity is rooted in delivering exactly what our clients need.

  • Pre-course call with your trainer
  • Customisation of the learning experience to achieve your goals -
    • Bespoke outlines
    • Practical hands-on exercises containing data / scenarios recognisable to the learners
  • Training scheduled on a date of your choice
  • Delivered online, onsite/classroom or hybrid by experts sharing real world experience

Private Group Prices RRP from €9120 online delivery, based on a group of 2 delegates, €2880 per additional delegate (excludes any certification / exam costs). We recommend a maximum group size of 12 for most learning events.

Contact us for an exact quote and to hear our latest promotions


Public Training

Please see our public courses

Provisonal Upcoming Courses (Contact Us For More Information)

Related Categories