KCSA
Kubernetes and Cloud Native Security Associate
The Kubernetes and Cloud Native Security Associate (KCSA) certification validates foundational knowledge of security in Kubernetes and cloud-native environments. This certification demonstrates understanding of security principles, best practices, and tools used to secure containerized applications and Kubernetes clusters.
The exam covers five key domains: Cluster Setup and Hardening (20%), System Hardening (20%), Minimize Microservice Vulnerabilities (20%), Supply Chain Security (20%), and Monitoring, Logging, and Runtime Security (20%). Candidates must demonstrate knowledge of RBAC, network policies, pod security standards, container image scanning, admission controllers, runtime security tools, and security auditing practices.
The KCSA exam consists of 60 multiple-choice questions administered online over 90 minutes, with a passing score of 75%. This certification is ideal for security professionals, DevOps engineers, platform engineers, and anyone responsible for securing Kubernetes environments. KCSA provides foundational security knowledge and serves as preparation for the more advanced Certified Kubernetes Security Specialist (CKS) certification.
KCSA Practice Exam 1
Comprehensive 50-question practice exam covering Kubernetes security fundamentals including API server security, RBAC, TLS bootstrapping, CIS benchmarks, network policies, pod security standards, image scanning, audit logging, and Falco basics.
KCSA Practice Exam 2
Intermediate 50-question practice exam covering admission controllers, OPA/Gatekeeper, secrets management, service accounts, seccomp/AppArmor, container sandboxing, SBOM, Sigstore/cosign, and runtime detection.
KCSA Practice Exam 3
Advanced 50-question practice exam covering mTLS/service mesh security, certificate rotation, etcd encryption, vulnerability management, SLSA framework, Notary/TUF, and eBPF security monitoring.
KCSA Practice Exam 4
Advanced 50-question practice exam focusing on cluster security topics including Kubernetes API audit policies, webhook admission controllers, PodSecurityPolicy migration to Pod Security Admission, Cilium and Calico network policies, and encryption providers for securing data at rest in etcd.
KCSA Practice Exam 5
Advanced 50-question practice exam focusing on supply chain security topics including in-toto attestations, Kyverno policies for image verification, cosign signature verification, ephemeral environments security, workload identity federation, cloud IAM integration with Kubernetes, and automated secrets rotation strategies.
KCSA Practice Exam 6
Advanced 50-question practice exam focusing on incident response and forensics topics including container forensics, memory forensics, malware analysis in containers, compliance frameworks (SOC2, PCI-DSS, HIPAA) on Kubernetes, penetration testing Kubernetes clusters, red team and blue team exercises, and zero-trust networking architectures.
Odblokuj całą zawartość za KCSA
6 Test(y) praktyczne + Fiszki — Dostęp na 3 miesiące
lub w ramach subskrypcji Miesięcznej / Pakietu treści