From the course: Certified Kubernetes Security Specialist (CKS) Cert Prep
Join today to access over 25,300 courses taught by industry experts.
Security event log review - Kubernetes Tutorial
From the course: Certified Kubernetes Security Specialist (CKS) Cert Prep
Security event log review
- Reviewing Kubernetes logs is one of the first things that you're going to need to do because ultimately, logs are the first line of defense in identifying any suspicious behavior that could be happening within your cluster. And part of the CKS exam is intended to be able to test your ability to be able to interpret and act on these various logs. Now, there are a number of essential logs that we've talked about throughout the course and focusing on things like the API server's audit logs, those are going to be really, really important, as well as the kubelet logs, the pod logs, and the event logs that you're typically going to see. Now, various applications that we've talked about, like Falco, they're going to have their own logs, so being able to know where to find potential issues is part of the exam as well. Now, these different ones, you can use various tools to be able to get access to them, but as you start to look at being able to parse through them and to see the different…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
(Locked)
Module 3: Cluster hardening introduction37s
-
(Locked)
Learning objectives33s
-
(Locked)
Kubernetes API fundamentals6m 31s
-
(Locked)
Kubernetes access control10m 44s
-
(Locked)
API server configuration11m 38s
-
(Locked)
API server hardening13m 6s
-
(Locked)
Verify access control policies13m 37s
-
(Locked)
-
-
(Locked)
Module 6: Software supply chain security introduction40s
-
(Locked)
Learning objectives35s
-
(Locked)
Software supply chain risks9m 25s
-
(Locked)
Protect image registry access5m 36s
-
(Locked)
Require signed images14m 22s
-
(Locked)
Policy enforcement: Image policy webhook21m 28s
-
(Locked)
Policy enforcement: Validating admission policy8m 55s
-
(Locked)
-
-
(Locked)
Learning objectives47s
-
(Locked)
Understanding syscall behavioral analysis12m 28s
-
(Locked)
Using Falco for threat detection7m 14s
-
(Locked)
Falco host installation14m
-
(Locked)
Falco Kubernetes installation13m 51s
-
(Locked)
Falco configuration and rules7m 42s
-
(Locked)
Falco custom rules in action19m 17s
-
(Locked)
-
-
(Locked)
Module 8: Exam practice scenarios introduction42s
-
(Locked)
Learning objectives52s
-
(Locked)
Securing Kubernetes API access12m 37s
-
(Locked)
Implementing pod security standards (PSS)11m 43s
-
(Locked)
Enforcing network policies for pod communication12m 27s
-
(Locked)
Restricting image registries11m 7s
-
(Locked)
Configuring secret encryption12m 32s
-
(Locked)