• Home
  • Certified Kubernetes Security Specialist (CKS) Prep

Certified Kubernetes Security Specialist (CKS) Prep

Course Information

  • Sessions 4 days
  • Duration 30 hrs
  • Level Intermediate
  • Assessment NA

Venue

Download Course Brochure

Certification

  • Certificate of Completion from Tertiary Courses - Upon meeting at least 75% attendance and passing the assessment(s), participants will receive a Certificate of Completion from Tertiary Courses.

Certified Kubernetes Security Specialist (CKS) Prep

Course Code: M1805

Be the first to review this product

What's This Course About

The Certified Kubernetes Security Specialist (CKS) Prep course prepares IT professionals to secure container-based applications and Kubernetes platforms in production environments. Learn how to configure secure cluster setups using network policies, TLS for Ingress, CIS benchmarks, and node protection. Participants will also explore cluster and system hardening practices, such as RBAC, service account restrictions, API access control, and OS-level protections using tools like AppArmor and seccomp.

Delve into microservice security by managing secrets, enforcing pod security standards, and using encryption techniques like Cilium for secure pod communication. Gain expertise in securing the software supply chain with trusted image registries, artifact validation, and static analysis tools. Finally, understand runtime security, threat detection, and incident investigation using Kubernetes audit logs and behavioral analytics. This course is ideal for Kubernetes administrators, DevOps engineers, and cloud security professionals pursuing the CKS certification.

WSQ Funding

Full Fee $6,400.00 Before GST
GST $576.00 9% of fee
Baseline Nett $3,776.00 SG/PR age 21+ · 50% funded
MCES / SME Nett $2,496.00 SG age 40+ · 70% funded
Funding and Grant Applications

No funding is available for this course.

Course Fee

₵6,400.00

Course Date

Course Time

* Required Fields

Additional Note

Please bring your own laptop for hands-on training. If you don't have laptop, we can provide spare laptop for training use.

Post-Course Support

  • We provide free consultation related to the subject matter after the course.
  • Please email your queries to info@tertiarycourses.com.gh and we will forward your queries to the subject matter experts and get back to you as soon as possible.

Cancellation & Reschedule Policy

  • We reserve the right to cancel or re-schedule the course due to unforeseen circumstances. If the course is cancelled, we will refund 100% to participants.
  • Note: the venue of the training is subject to changes due to class size and availability of the classroom. The minimum class size to start a class is 3 Pax.

Course Details

Course Details

What You'll Learn

Topic 1 Cluster Setup

  • Use Network security policies to restrict cluster level access
  • Use CIS benchmark to review the security configuration of Kubernetes components (etcd, kubelet, kubedns, kubeapi)
  • Properly set up Ingress with TLS
  • Protect node metadata and endpoints
  • Verify platform binaries before deploying

Topic 2 Cluster Hardening

  • Use Role Based Access Controls to minimize exposure
  • Exercise caution in using service accounts e.g. disable defaults, minimize permissions on newly created ones
  • Restrict access to Kubernetes API
  • Upgrade Kubernetes to avoid vulnerabilities

Topic 3 System Hardening

  • Minimize host OS footprint (reduce attack surface)
  • Using least-privilege identity and access management
  • Minimize external access to the network
  • Appropriately use kernel hardening tools such as AppArmor, seccomp

Topic 4 Minimize Microservice Vulnerabilities

  • Use appropriate pod security standards
  • Manage Kubernetes secrets
  • Understand and implement isolation techniques (multi-tenancy, sandboxed containers, etc.)
  • Implement Pod-to-Pod encryption using Cilium

Topic 5 Supply Chain Security

  • Minimize base image footprint
  • Understand your supply chain (e.g. SBOM, CI/CD, artifact repositories)
  • Secure your supply chain (permitted registries, sign and validate artifacts, etc.)
  • Perform static analysis of user workloads and container images (e.g. Kubesec, KubeLinter)

Topic 6 Monitoring, Logging and Runtime Security

  • Perform behavioral analytics to detect malicious activities
  • Detect threats within physical infrastructure, apps, networks, data, users and workloads
  • Investigate and identify phases of attack and bad actors within the environment
  • Ensure immutability of containers at runtime
  • Use Kubernetes audit logs to monitor access

Course Info

Promotion Code

Your will get 10% discount voucher for 2nd course onwards if you write us a Google review.

Minimum Entry Requirement

Knowledge and Skills

  • Able to operate using computer functions
  • Minimum 3 GCE ‘O’ Levels Passes including English or WPL Level 5 (Average of Reading, Listening, Speaking & Writing Scores)

Attitude

  • Positive Learning Attitude
  • Enthusiastic Learner

Experience

  • Minimum of 1 year of working experience.

Target Age Group: 18-65 years old

Minimum Software/Hardware Requirement

Software:

TBD

Hardware: Window or Mac Laptops

Job Roles

Job Roles

  • Kubernetes Administrator
  • DevSecOps Engineer
  • Cloud Security Engineer
  • Platform Engineer
  • Site Reliability Engineer (SRE)
  • Container Security Specialist
  • Infrastructure Security Engineer
  • DevOps Engineer
  • Security Operations Analyst
  • IT Security Manager
  • Systems Engineer
  • Cybersecurity Analyst
  • Network Security Engineer
  • Compliance Engineer
  • Application Security Analyst
  • Penetration Tester
  • Cloud Infrastructure Engineer
  • Technical Architect
  • Vulnerability Management Specialist
  • Open Source Security Consultant

Trainers

Trainers

Truman Ng: Truman Ng is a ACTA certified trainer that graduated with Bachelor Degree in Electrical Engineering from NUS in year 2002. He designed Artificial Intelligence (AI) controller for DC-DC Power Convertor by using Fuzzy Logic and Neural Network (NN) as his university Final Year Project. Truman has over 15 years project experiences across Database & Web Design, PLC machinery, Data Center Design , Structure Cabling System(SCS) and Enterprise Network Design and Implementation. He used to be a network architect for Hewlett Packard, working with a group of virtual team from the US in handling network design and projects in the States. Truman is the founder of Nexplore (S) Pte Ltd. He provides solutions of Cloud SaaS, IaaS & PaaS and Software Defined Network (SDN), VoIP and Internet Security. He was engaged by Huawei Global Training Center to provide 60+ consultations and trainings for Internet Service Providers(ISP) from Malaysia, Singapore, Brunei, Philippines, Australia, Poland, Iran, South Africa, Swaziland, Cote Dlvoire, Syria, Uzbekistan, New Zealand and countries over the world.
As achievement, Truman has successfully completed 100+ IT network projects for Bank, Hotel and Factory within 5 years.
Truman is certified in PMP, Cisco CCNP, CCIP, CCDP, HP Ase and Huawei HCNP, HCIE R&S, HCNA Cloud, HCNA Security, etc. Anil Bidari: Anil  is a ACLP certified trainer. He is an Enterprise Cloud and DevOps Consultant , responsible for  helping clients to move Virtual data centre to Private Cloud based on OpenStack and Public Cloud ( AWS, Azure and Google cloud) . Consulting and training experience on Devops tool chain like github , Jenkins, Sonarqube, Docker & kubernetes, Cloud foundry, Openshift, Ansible and SaltStack. Lot of my Role is involved design and implementation of a solution and training

Review

Write Your Own Review

You're reviewing: Certified Kubernetes Security Specialist (CKS) Prep

How do you rate this product? *

  1 star 2 stars 3 stars 4 stars 5 stars
1. Do you find the course meet your expectation?
2. Do you find the trainer knowledgeable in this subject?
3. How do you find the training environment