Creating a Kubernetes user with certificate-based authentication, including CSR approval, RBAC role and rolebinding setup, and kubeconfig configuration.

Running containers with alternative runtimes such as Kata Containers and gVisor (runsc) using Docker.

CKS mock test 2, question 3: Secure a pod by disabling automatic mounting of the service account secret token using automountServiceAccountToken.

CKS mock test 2, question 2: Create a NetworkPolicy to allow only app1 and app2 pods to access the redis-backend, blocking app3.

CKS mock test 2, question 1: Create a NetworkPolicy to restrict access to a redis-backend pod using namespace and pod label selectors.

CKS mock test 1 covering AppArmor profiles, seccomp, Trivy vulnerability scanning, and Falco runtime security rules.

Make sure you check out these tips and tricks from other students who have cleared the exam.

How to create an etcd snapshot backup using etcdctl with TLS certificates on a Kubernetes cluster.

Overview of authentication methods against the Kubernetes API server, including basic auth, token auth, and certificate-based authentication.

Learn about Linux syscalls and seccomp profiles for Kubernetes, including how to look up syscall numbers and create audit and violation profiles.