Cargando…
Certified Kubernetes Security Specialist (CKS) study guide /
Vulnerabilities in software and IT infrastructure pose a major threat to organizations. In response, the Cloud Native Computing Foundation (CNCF) developed the Certified Kubernetes Security Specialist (CKS) certification to verify an administrator's proficiency to protect Kubernetes clusters an...
| Clasificación: | Libro Electrónico |
|---|---|
| Autor principal: | |
| Formato: | Electrónico eBook |
| Idioma: | Inglés |
| Publicado: |
Sebastopol, CA :
O'Reilly Media, Inc.,
2023.
|
| Edición: | [First edition]. |
| Temas: | |
| Acceso en línea: | Texto completo (Requiere registro previo con correo institucional) |
MARC
| LEADER | 00000cam a22000007i 4500 | ||
|---|---|---|---|
| 001 | OR_on1350789566 | ||
| 003 | OCoLC | ||
| 005 | 20231017213018.0 | ||
| 006 | m o d | ||
| 007 | cr cnu|||unuuu | ||
| 008 | 221115s2023 cau o 000 0 eng d | ||
| 040 | |a ORMDA |b eng |e rda |e pn |c ORMDA |d OCLCF |d ORMDA |d EBLCP |d OCLCO | ||
| 020 | |z 9781098132972 | ||
| 029 | 1 | |a AU@ |b 000072937687 | |
| 035 | |a (OCoLC)1350789566 | ||
| 037 | |a 9781098132965 |b O'Reilly Media | ||
| 050 | 4 | |a QA76.76.A65 | |
| 082 | 0 | 4 | |a 005.3 |2 23/eng/20221115 |
| 049 | |a UAMI | ||
| 100 | 1 | |a Muschko, Benjamin, |e author. | |
| 245 | 1 | 0 | |a Certified Kubernetes Security Specialist (CKS) study guide / |c Benjamin Muschko. |
| 250 | |a [First edition]. | ||
| 264 | 1 | |a Sebastopol, CA : |b O'Reilly Media, Inc., |c 2023. | |
| 300 | |a 1 online resource (200 pages) | ||
| 336 | |a text |b txt |2 rdacontent | ||
| 337 | |a computer |b c |2 rdamedia | ||
| 338 | |a online resource |b cr |2 rdacarrier | ||
| 520 | |a Vulnerabilities in software and IT infrastructure pose a major threat to organizations. In response, the Cloud Native Computing Foundation (CNCF) developed the Certified Kubernetes Security Specialist (CKS) certification to verify an administrator's proficiency to protect Kubernetes clusters and the cloud native software they contain. This practical book helps you fully prepare for the certification exam by walking you through all of the topics covered. Different from typical multiple-choice formats used by other certifications, this performance-based exam requires deep knowledge of the tasks it covers under intense time pressure. If you want to pass the CKS exam on the first go, author Benjamin Muschko shares his personal experience to help you learn the objectives, abilities, and tips and tricks you need to pass on the first attempt. Identify, mitigate, and/or minimize threats to cloud native applications and Kubernetes clusters Learn the ins and outs of Kubernetes's security features, and external tools for security detection and mitigation purposes Demonstrate competency to perform the responsibilities of a Kubernetes administrator or application developer with a security viewpoint Solve real-world Kubernetes problems in a hands-on, command-line environment Effectively navigate and solve questions during the CKS exam. | ||
| 588 | 0 | |a Online resource; title from title details screen (O'Reilly, viewed November 15, 2022). | |
| 505 | 0 | |a Intro -- Copyright -- Table of Contents -- Preface -- Who This Book Is For -- What You Will Learn -- Structure of This Book -- Conventions Used in This Book -- Using Code Examples -- O'Reilly Online Learning -- How to Contact Us -- Acknowledgments -- Chapter 1. Exam Details and Resources -- Kubernetes Certification Learning Path -- Kubernetes and Cloud Native Associate (KCNA) -- Kubernetes and Cloud Native Security Associate (KCSA) -- Certified Kubernetes Application Developer (CKAD) -- Certified Kubernetes Administrator (CKA) -- Certified Kubernetes Security Specialist (CKS) | |
| 505 | 8 | |a Exam Objectives -- Curriculum -- Cluster Setup -- Cluster Hardening -- System Hardening -- Minimize Microservice Vulnerabilities -- Supply Chain Security -- Monitoring, Logging, and Runtime Security -- Involved Kubernetes Primitives -- Involved External Tools -- Documentation -- Candidate Skills -- Practicing and Practice Exams -- Summary -- Chapter 2. Cluster Setup -- Using Network Policies to Restrict Pod-to-Pod Communication -- Scenario: Attacker Gains Access to a Pod -- Observing the Default Behavior -- Denying Directional Network Traffic -- Allowing Fine-Grained Incoming Traffic | |
| 505 | 8 | |a Applying Kubernetes Component Security Best Practices -- Using kube-bench -- The kube-bench Verification Result -- Fixing Detected Security Issues -- Creating an Ingress with TLS Termination -- Setting Up the Ingress Backend -- Creating the TLS Certificate and Key -- Creating the TLS-Typed Secret -- Creating the Ingress -- Calling the Ingress -- Protecting Node Metadata and Endpoints -- Scenario: A Compromised Pod Can Access the Metadata Server -- Protecting Metadata Server Access with Network Policies -- Protecting GUI Elements -- Scenario: An Attacker Gains Access to the Dashboard Functionality | |
| 505 | 8 | |a Installing the Kubernetes Dashboard -- Accessing the Kubernetes Dashboard -- Creating a User with Administration Privileges -- Creating a User with Restricted Privileges -- Avoiding Insecure Configuration Arguments -- Verifying Kubernetes Platform Binaries -- Scenario: An Attacker Injected Malicious Code into Binary -- Verifying a Binary Against Hash -- Summary -- Exam Essentials -- Sample Exercises -- Chapter 3. Cluster Hardening -- Interacting with the Kubernetes API -- Processing a Request -- Connecting to the API Server -- Restricting Access to the API Server | |
| 505 | 8 | |a Scenario: An Attacker Can Call the API Server from the Internet -- Restricting User Permissions -- Scenario: An Attacker Can Call the API Server from a Service Account -- Minimizing Permissions for a Service Account -- Updating Kubernetes Frequently -- Versioning Scheme -- Release Cadence -- Performing the Upgrade Process -- Summary -- Exam Essentials -- Sample Exercises -- Chapter 4. System Hardening -- Minimizing the Host OS Footprint -- Scenario: An Attacker Exploits a Package Vulnerability -- Disabling Services -- Removing Unwanted Packages -- Minimizing IAM Roles | |
| 590 | |a O'Reilly |b O'Reilly Online Learning: Academic/Public Library Edition | ||
| 650 | 0 | |a Application software |x Development |v Study guides. | |
| 650 | 0 | |a Virtual computer systems |v Study guides. | |
| 650 | 0 | |a Open source software. | |
| 650 | 0 | |a Computer programmers |x Certification. | |
| 650 | 6 | |a Logiciels d'application |x Développement |v Guides de l'étudiant. | |
| 650 | 6 | |a Systèmes virtuels (Informatique) |v Guides de l'étudiant. | |
| 650 | 6 | |a Logiciels libres. | |
| 650 | 7 | |a Application software |x Development |2 fast | |
| 650 | 7 | |a Computer programmers |x Certification |2 fast | |
| 650 | 7 | |a Open source software |2 fast | |
| 650 | 7 | |a Virtual computer systems |2 fast | |
| 655 | 0 | |a Electronic books. | |
| 655 | 7 | |a Study guides |2 fast | |
| 856 | 4 | 0 | |u https://learning.oreilly.com/library/view/~/9781098132965/?ar |z Texto completo (Requiere registro previo con correo institucional) |
| 938 | |a ProQuest Ebook Central |b EBLB |n EBL30592831 | ||
| 994 | |a 92 |b IZTAP | ||