Understand the different deployment models (OpenShift, EKS/AKS, Docker on a single server, etc)
Industry Roles:
Assessment Methods:
Understand the security implications of using Kubernetes
Industry Roles:
Assessment Methods:
Understand the functionality offered by Kubernetes
Industry Roles:
Assessment Methods:
Understand how to manage containers throughout their lifecycle
Industry Roles:
Assessment Methods:
Understand the security implications of using third-party containers
Industry Roles:
Assessment Methods:
Understands the key differences between virtualisation and containerisation • Can identify and interrogate running containers on a host • Understands the concepts of layered filesystems and how to extract and analyse specific layers within an image • Can identify common vulnerabilities and weaknesses present in containers, including: • Missing security patches • Weak file permissions • Insufficient or lack of resource quotas • Presence of sensitive information in environment variables, running processes or filesystem • Understands and can analyse Dockerfile files to uncover weaknesses in static images, including: • Use of unencrypted connections for performing downloads • Use of overly generous permissions, e.g. running as the root user 30 • Inclusion of sensitive information, e.g. passwords or private keys • Unnecessary exposure of ports
Industry Roles:
Assessment Methods: