Course Outline


  • Linux Foundation
  • Linux Foundation Training
  • Linux Foundation Certifications
  • Linux Foundation Digital Badges
  • Laboratory Exercises, Solutions and Resources
  • E-Learning Course: LFS260
  • Distribution Details
  • Labs

Cloud Security Overview

  • Multiple Projects
  • What is Security?
  • Assessment
  • Prevention
  • Detection
  • Reaction
  • Classes of Attackers
  • Types of Attacks
  • Attack Surfaces
  • Hardware and Firmware Considerations
  • Security Agencies
  • Manage External Access
  • Labs

Preparing to Install

  • Image Supply Chain
  • Runtime Sandbox
  • Verify Platform Binaries
  • Minimize Access to GUI
  • Policy Based Control
  • Labs

Installing the Cluster

  • Update Kubernetes
  • Tools to Harden the Kernel
  • Kernel Hardening Examples
  • Mitigating Kernel Vulnerabilities
  • Labs

Securing the kube-apiserver

  • Restrict Access to API
  • Enable Kube-apiserver Auditing
  • Configuring RBAC
  • Pod Security Policies
  • Minimize IAM Roles
  • Protecting etcd
  • CIS Benchmark
  • Using Service Accounts
  • Labs


  • Firewalling Basics
  • Network Plugins
  • iptables
  • Mitigate Brute Force Login Attempts
  • Netfilter rule management
  • Netfilter Implementation
  • nft Concepts
  • Ingress Objects
  • Pod to Pod Encryption
  • Restrict Cluster Level Access
  • Labs

Workload Considerations

  • Minimize Base Image
  • Static Analysis of Workloads
  • Runtime Analysis of Workloads
  • Container Immutability
  • Mandatory Access Control
  • SELinux
  • AppArmor
  • Generate AppArmor Profiles
  • Labs

Issue Detection

  • Understanding Phases of Attack
  • Preparation
  • Understanding an Attack Progression
  • During an Incident
  • Handling Incident Aftermath
  • Intrusion Detection Systems
  • Threat Detection
  • Behavioral Analytics
  • Labs

Domain Reviews

  • Preparing for the Exam - CKS


Participants should have an understanding of Linux administration skills, comfortable using the command line. Must be able to edit files using a command-line text editor. Basic security knowledge.


This course is ideal for anyone holding a CKA certification and interested in or responsible for cloud security.

Experience Level: Intermediate

  28 Hours

Related Courses

Kubernetes Administration (LFS458)

  28 hours

Kubernetes for App Developers (LFD459)

  21 hours

Linux for Cloud Technicians (LFS303). Preparation for Linux Foundation Certified Cloud Technician (LFCT) with exam

  28 hours

Linux System Administration (LFS307). Preparation for Linux Foundation Certified System Administrator (LFCS) with exam.

  28 hours

Linux for System Administrators (LFS301 retired)

  28 hours

Linux Security (LFS416)

  28 hours

Linux Performance Tuning (LFS426)

  28 hours

Fundamentals of Linux (LFS300)

  28 hours

Linux Enterprise Automation (LFS430)

  28 hours

Open Source Virtualization (LFS462)

  28 hours

Linux for System Engineers (LFS311)

  28 hours

Developing Applications For Linux (LFD401)

  28 hours

Advanced Boot Camp for Developers Infomatica PowerCenter 9.5.1

  28 hours

Installation and Configuration of Infomatica

  7 hours

Infomatica MFT

  70 hours