Certified Kubernetes Security Specialist (CKS) Preparation Part 9 — Exam Hacks

If you have not yet checked the previous parts of this series, please go ahead and check Part1, Part2, Part3, Part4, Part5, Part6, Part7 and Part8.

This article would provide some exam hacks I used while taking the CKS certification exam.

• Bookmark whatever URLs/resources you would need and that are allowed to visit during the exam.

Source: Resources Allowed: All LF Certification Programs — T&C DOC (linuxfoundation.org)

• Go through each topic of the exam domains and try to see whether you understand why the topic is chosen, what the goal is and what you would need to understand and perform to achieve the goal. If you have no clues, you could review the each part of this series as a reference.
• Be familiar with all essential Linux administration commands. For example, the VMs provided in the exam only has “vi” for editing text files but you are a person that prefers “nano”. What you would need to do is install “nano” before even working on any task given in the exam. You would have root access on the virtual machine the exam provides.
• Linux terminal sometimes does not show the full content of what we are looking for, meaning it either does not wrap the line to show only within the provided windows size or it is showing the content through several pages. What if you would need to copy a paragraph of a long article or a subset of something such as Falco/sysdig default rules? The answer should be getting familiar with some parameters that could go with “grep” or other similar commands. Some references I found before the exam.
• Ensure to know how to manage Linux services. More importantly, ensure the services we are looking for are actually in the right state. If something goes wrong when the service is running, would you be able to find the root cause and resolution? Where are the file paths you check for service logs?

Reference 1: Start/Stop/Restart Linux service

Reference 2: Check logs via journalctl

• Double, triple verify the provided solution by doing the exact opposite actions requested in the exam. For example, if the exam asks you to create a Pod with certain label A to access a Pod with label B, verify by using a Pod without a label C and see whether it could actually contact a Pod with label B. Similar concepts go with other scenarios. This is already covered in the previous parts of this series.

If you have gone over each of the CKS exam topics multiple times and ensure you have decent understanding and hands-on experience, the CKS exam would just be another 2-hour lab environment for you to play around. Hope this series could be the treated as the high-level guideline for anyone that wants to challenge CKS certification in the near future!