Certification > Cloud & Containers > Certified Kubernetes Security Specialist (CKS)
CERTIFICATION

Certified Kubernetes Security Specialist (CKS)

Proven security & Kubernetes skills are a career door opener! Show off your skills with this globally recognized, vendor-neutral certification.

CKS includes:

✔ 12-months to schedule & take the exam
✔ Access to two exam simulation attempts
✔ Two exam attempts

Now Available! You can bundle CKS with an annual THRIVE subscription to get access to more than 100 educational products, including Kubernetes Security Essentials (LFS260) and SkillCreds for only $595!

REMINDER: The Certified Kubernetes Security Specialist (CKS) Program Changes went into effect October 15, 2024.

How will the CKS benefit me?

  • Proves High-Demand Security Skills
  • Career Advancement
  • Industry-wide Credential Recognition
  • Networking Opportunities

read less read more
What about AWS, Red Hat & other certs?
Make sure your IT credentials include a strong, vendor-neutral foundation for the best career flexibility and growth. Add CKS to your career profile today & check out our career roadmap for what's next.
read less read more
Not sure if you're ready? Check out these resources!
read less read more
Domains & Competencies
Expand All
Collapse All
Cluster Setup15%
Use Network security policies to restrict cluster level access
Use CIS benchmark to review the security configuration of Kubernetes components (etcd, kubelet, kubedns, kubeapi)
Properly set up Ingress with TLS
Protect node metadata and endpoints
Verify platform binaries before deploying
Cluster Hardening15%
Use Role Based Access Controls to minimize exposure
Exercise caution in using service accounts e.g. disable defaults, minimize permissions on newly created ones
Restrict access to Kubernetes API
Upgrade Kubernetes to avoid vulnerabilities
System Hardening10%
Minimize host OS footprint (reduce attack surface)
Using least-privilege identity and access management
Minimize external access to the network
Appropriately use kernel hardening tools such as AppArmor, seccomp
Minimize Microservice Vulnerabilities20%
Use appropriate pod security standards
Manage Kubernetes secrets
Understand and implement isolation techniques (multi-tenancy, sandboxed containers, etc.)
Implement Pod-to-Pod encryption using Cilium
Supply Chain Security20%
Minimize base image footprint
Understand your supply chain (e.g. SBOM, CI/CD, artifact repositories)
Secure your supply chain (permitted registries, sign and validate artifacts, etc.)
Perform static analysis of user workloads and container images (e.g. Kubesec, KubeLinter)
Monitoring, Logging and Runtime Security20%
Perform behavioral analytics to detect malicious activities
Detect threats within physical infrastructure, apps, networks, data, users and workloads
Investigate and identify phases of attack and bad actors within the environment
Ensure immutability of containers at runtime
Use Kubernetes audit logs to monitor access
Exam Details & Resources
This exam is an online, proctored, performance-based test that requires solving multiple tasks from a command line running Kubernetes. Candidates have 2 hours to complete the tasks. Certified Kubernetes Security Specialist (CKS) candidates must have taken and passed the Certified Kubernetes Administrator (CKA) exam prior to attempting the CKS exam.

The exam is based on Kubernetes v1.31
The CKS exam environment will be aligned with the most recent K8s minor version within approximately 4 to 8 weeks of the K8s release date.

About the CKS
The CKS was created by the Linux Foundation and the Cloud Native Computing Foundation (CNCF) as a part of their ongoing effort to help develop the Kubernetes ecosystem. The exam is online, proctored, performance-based test that requires solving multiple tasks from a command line running Kubernetes.

Once enrolled you will receive access to an exam simulator, provided by Killer.sh, allowing you to experience the exam environment. You will have two simulation attempts (36 hours of access for each attempt from the start of activation). The simulation includes 20-25 questions that are exactly the same for every attempt and every user, unlike the actual exam. The simulation will provide graded results.

Prerequisites
Certified Kubernetes Security Specialist (CKS) candidates must have taken and passed the Certified Kubernetes Administrator (CKA) exam prior to attempting the CKS exam.
Reviews
Sep 2024
I have learned many new tools, and how to use them in real world scenarios.
Aug 2024
Hard exam, but if you come prepared with the recommended sources, plus your killer.sh attempts, you will be fine.
Jul 2024
100% practical exam, no “gotcha” questions. A limited focus on rote memorization, with a heavy focus on solid technical understanding of the material at hand. Sets a strong standard/baseline that other IT Certifications should try and meet.
Jul 2024
I learned about a lot of security tools I was unaware of. I feel confident that I can secure things within a Kubernetes cluster.
Jul 2024
The exam gave a good insight into cloud-native security, and helped me improve my skills as a cloud engineer.
Jun 2024
Hands-on format is really great at testing the practical knowledge and not just theory cramming.
May 2024
I liked that the exam is hands-on, which, together with the time limit, encourages a certain level of proficiency, which turned out to help me be a little faster and more efficient with Kubernetes tasks at my job.
Apr 2024
I like that it is performance-based. And that it is very challenging. It ensures the candidate understands the concepts thoroughly.
Feb 2024
The exam is challenging and covers a broad aspect of the Kubernetes day-to-day administration tasks.
Jan 2024
Time management and hands-on practice are the most important required skills to attend and complete this exam.
Nov 2023
CKS is a great topic. It's the master's degree of the Kubernetes exams, and you need to know the topics well enough to jump right in and solve the questions. I'm still working toward that elite level, so I probably need another attempt or two until I get it. The scars will be worth it.
Oct 2023
It is the perfect addition to the CKAD and CKA because it opens your mind regarding security, auditing, logging, and, last but not least, the ability to troubleshoot various problems related to networking.
Oct 2023
This certification is a great opportunity to validate knowledge on some topics and better understand others. It also helped me find interesting job opportunities.
Jul 2023
It is high performance & well adopted & checking the real knowledge exam. It can be a KPI & knowledge indicator for all kinds of DevOps specialists. It is ~2 times harder than CKA, but not in case of task difficulty, but in case of time limitations & you have to do some tasks time-cost things.
Apr 2023
The hands-on element of the exam is my most significant selling point to me. If you can pass the exam, you are capable of operating a Kubernetes cluster. The same cannot be said for many other multiple-choice IT exams.
Add Unlimited Access to e-Learning Courses + SkillCreds with the THRIVE Subscription for just $200 more
$595
Exam + THRIVE Subscription
Buy Bundle
100% Money Back Guarantee
Includes
Online Exam Delivery
Duration of Exam 2 Hours
Certification Valid 2 Years
Software Version: Kubernetes v1.31
12 Month Exam Eligibility
One Retake
PDF Certificate and Digital Badge
Performance-Based Exam
Exam Simulator
Experience Level: Intermediate
Get a Quote
Gift this certification
Certifying more than 10 people?Get a corporate quote.
Learn more about Kubernetes, cloud native, security, open source, career profiles, and more—check out our blog!
Follow us onLinkedIn