• Урок 1. 00:00:00
    Welcome
  • Урок 2. 00:00:30
    Best Video Quality
  • Урок 3. 00:10:17
    K8s Security Best Practices
  • Урок 4. 00:02:44
    Cluster Specification
  • Урок 5. 00:03:48
    Practice - Create GCP Account
  • Урок 6. 00:04:54
    Practice - Configure "gcloud" command
  • Урок 7. 00:08:41
    Practice - Create Kubeadm Cluster in GCP
  • Урок 8. 00:01:01
    Practice - Firewall rules for NodePorts
  • Урок 9. 00:01:40
    Notice: Always stop your instances
  • Урок 10. 00:01:04
    Recap
  • Урок 11. 00:12:18
    Intro
  • Урок 12. 00:05:56
    Practice - Find various K8s certificates
  • Урок 13. 00:01:12
    Recap
  • Урок 14. 00:10:18
    Intro
  • Урок 15. 00:03:34
    Practice - The PID Namespace
  • Урок 16. 00:00:43
    Recap
  • Урок 17. 00:00:43
    Cluster Reset
  • Урок 18. 00:04:10
    Introduction 1
  • Урок 19. 00:05:05
    Introduction 2
  • Урок 20. 00:03:54
    Practice - Default Deny
  • Урок 21. 00:06:16
    Practice - Frontend to Backend traffic
  • Урок 22. 00:07:27
    Practice - Backend to Database traffic
  • Урок 23. 00:01:01
    Recap
  • Урок 24. 00:00:51
    Feedback
  • Урок 25. 00:04:10
    Introduction
  • Урок 26. 00:01:10
    Practice - Install Dashboard
  • Урок 27. 00:04:40
    Practice - Outside Insecure Access
  • Урок 28. 00:03:35
    Practice - RBAC for the Dashboard
  • Урок 29. 00:01:42
    Recap
  • Урок 30. 00:03:57
    Introduction
  • Урок 31. 00:07:15
    Practice - Create an Ingress
  • Урок 32. 00:08:44
    Practice - Secure an Ingress
  • Урок 33. 00:00:27
    Recap
  • Урок 34. 00:03:05
    Introduction
  • Урок 35. 00:02:03
    Practice: Access Node Metadata
  • Урок 36. 00:04:28
    Practice: Protect Node Metadata via NetworkPolicy
  • Урок 37. 00:00:36
    Recap
  • Урок 38. 00:02:25
    Introduction
  • Урок 39. 00:05:18
    Practice - CIS in Action
  • Урок 40. 00:03:51
    Practice - kube-bench
  • Урок 41. 00:01:52
    Recap
  • Урок 42. 00:01:15
    Introduction
  • Урок 43. 00:03:28
    Practice - Download and verify K8s release
  • Урок 44. 00:04:36
    Practice - Verify apiserver binary running in our cluster
  • Урок 45. 00:00:32
    Recap
  • Урок 46. 00:09:11
    Intro
  • Урок 47. 00:05:01
    Practice - Role and Rolebinding
  • Урок 48. 00:04:02
    Practice - ClusterRole and ClusterRoleBinding
  • Урок 49. 00:04:16
    Accounts and Users
  • Урок 50. 00:09:26
    Practice - CertificateSigningRequests
  • Урок 51. 00:01:01
    Recap
  • Урок 52. 00:01:21
    Intro
  • Урок 53. 00:05:02
    Practice - Pod uses custom ServiceAccount
  • Урок 54. 00:03:23
    Practice - Disable ServiceAccount mounting
  • Урок 55. 00:02:43
    Practice - Limit ServiceAccounts using RBAC
  • Урок 56. 00:01:08
    Recap
  • Урок 57. 00:04:24
    Introduction
  • Урок 58. 00:03:46
    Practice - Anonymous Access
  • Урок 59. 00:03:09
    Practice - Insecure Access
  • Урок 60. 00:03:40
    Practice - Manual API Request
  • Урок 61. 00:06:35
    Practice - External Apiserver Access
  • Урок 62. 00:02:03
    NodeRestriction AdmissionController
  • Урок 63. 00:03:46
    Practice - Verify NodeRestriction
  • Урок 64. 00:00:51
    Recap
  • Урок 65. 00:06:33
    Introduction
  • Урок 66. 00:01:53
    Practice - Create outdated cluster
  • Урок 67. 00:03:12
    Practice - Upgrade master node
  • Урок 68. 00:03:29
    Practice - Upgrade worker node
  • Урок 69. 00:01:08
    Recap
  • Урок 70. 00:03:39
    Introduction
  • Урок 71. 00:05:35
    Practice - Create Simple Secret Scenario
  • Урок 72. 00:03:22
    Practice - Hack Secrets in Docker
  • Урок 73. 00:03:48
    Practice - Hack Secrets in ETCD
  • Урок 74. 00:05:21
    ETCD Encryption
  • Урок 75. 00:18:43
    Practice - Encrypt ETCD
  • Урок 76. 00:04:51
    Recap
  • Урок 77. 00:06:36
    Introduction
  • Урок 78. 00:03:06
    Practice - Container calls Linux Kernel
  • Урок 79. 00:03:26
    Open Container Initiative OCI
  • Урок 80. 00:01:54
    Practice - Crictl
  • Урок 81. 00:02:11
    Sandbox Runtime Katacontainers
  • Урок 82. 00:02:05
    Sandbox Runtime gVisor
  • Урок 83. 00:03:55
    Practice - Create and use RuntimeClasses
  • Урок 84. 00:04:23
    Practice - Install and use gVisor
  • Урок 85. 00:01:08
    Recap
  • Урок 86. 00:03:19
    Intro and Security Contexts
  • Урок 87. 00:03:48
    Practice - Set Container User and Group
  • Урок 88. 00:02:27
    Practice - Force Container Non-Root
  • Урок 89. 00:01:35
    Privileged Containers
  • Урок 90. 00:02:51
    Practice - Create Privileged Containers
  • Урок 91. 00:00:57
    PrivilegeEscalation
  • Урок 92. 00:01:39
    Practice - Disable PriviledgeEscalation
  • Урок 93. 00:02:14
    PodSecurityPolicies
  • Урок 94. 00:09:21
    Practice - Create and enable PodSecurityPolicy
  • Урок 95. 00:01:45
    Recap
  • Урок 96. 00:07:57
    Intro
  • Урок 97. 00:06:09
    Practice - Create sidecar proxy
  • Урок 98. 00:01:08
    Recap
  • Урок 99. 00:00:43
    Cluster Reset
  • Урок 100. 00:05:59
    Introduction
  • Урок 101. 00:03:20
    Practice - Install OPA
  • Урок 102. 00:10:40
    Practice - Deny All Policy
  • Урок 103. 00:09:21
    Practice - Enforce Namespace Labels
  • Урок 104. 00:04:32
    Practice - Enforce Deployment replica count
  • Урок 105. 00:04:14
    Practice - The Rego Playground and more examples
  • Урок 106. 00:01:38
    Recap
  • Урок 107. 00:04:50
    Introduction
  • Урок 108. 00:07:00
    Practice - Reduce Image Footprint with Multi-Stage
  • Урок 109. 00:08:11
    Practice - Secure and harden Images
  • Урок 110. 00:01:55
    Recap
  • Урок 111. 00:06:55
    Introduction
  • Урок 112. 00:02:13
    Kubesec
  • Урок 113. 00:03:27
    Practice - Kubesec
  • Урок 114. 00:01:32
    OPA Confest
  • Урок 115. 00:04:08
    Practice - OPA Confest for K8s YAML
  • Урок 116. 00:03:22
    Practice - OPA Confest for Dockerfile
  • Урок 117. 00:01:19
    Recap
  • Урок 118. 00:07:05
    Introduction
  • Урок 119. 00:01:08
    Clair and Trivy
  • Урок 120. 00:04:21
    Practice - Use Trivy to scan images
  • Урок 121. 00:01:05
    Recap
  • Урок 122. 00:03:29
    Introduction
  • Урок 123. 00:03:59
    Practice - Image Digest
  • Урок 124. 00:05:40
    Practice - Whitelist Registries with OPA
  • Урок 125. 00:01:47
    ImagePolicyWebhook
  • Урок 126. 00:09:54
    Practice - ImagePolicyWebhook
  • Урок 127. 00:00:39
    Recap
  • Урок 128. 00:03:23
    Introduction
  • Урок 129. 00:04:23
    Practice - Strace
  • Урок 130. 00:07:09
    Practice - Strace and /proc on ETCD
  • Урок 131. 00:04:46
    Practice - /proc and env variables
  • Урок 132. 00:04:18
    Practice - Falco and Installation
  • Урок 133. 00:05:24
    Practice - Use Falco to find malicious processes
  • Урок 134. 00:04:51
    Practice - Investigate Falco rules
  • Урок 135. 00:08:44
    Practice - Change Falco Rule
  • Урок 136. 00:01:31
    Recap
  • Урок 137. 00:03:35
    Introduction
  • Урок 138. 00:04:48
    Ways to enforce immutability
  • Урок 139. 00:03:35
    Practice - StartupProbe changes container
  • Урок 140. 00:04:52
    Practice - SecurityContext renders container immutable
  • Урок 141. 00:00:51
    Recap
  • Урок 142. 00:11:40
    Introduction
  • Урок 143. 00:05:53
    Practice - Enable Audit Logging in Apiserver
  • Урок 144. 00:03:06
    Practice - Create Secret and check Audit Logs
  • Урок 145. 00:10:13
    Practice - Create advanced Audit Policy
  • Урок 146. 00:10:58
    Practice - Investigate API access history
  • Урок 147. 00:01:23
    Recap
  • Урок 148. 00:02:47
    Introduction
  • Урок 149. 00:02:44
    AppArmor
  • Урок 150. 00:06:09
    Practice - AppArmor for curl
  • Урок 151. 00:05:57
    Practice - AppArmor for Docker Nginx
  • Урок 152. 00:05:40
    Practice - AppArmor for Kubernetes Nginx
  • Урок 153. 00:03:34
    Seccomp
  • Урок 154. 00:02:40
    Practice - Seccomp for Docker Nginx
  • Урок 155. 00:07:47
    Practice - Seccomp for Kubernetes Nginx
  • Урок 156. 00:01:33
    Recap
  • Урок 157. 00:04:54
    Introduction
  • Урок 158. 00:02:06
    Practice - Systemctl and Services
  • Урок 159. 00:04:50
    Practice - Install and investigate Services
  • Урок 160. 00:02:03
    Practice - Disable application listening on port
  • Урок 161. 00:04:34
    Practice - Investigate Linux Users
  • Урок 162. 00:01:06
    Recap
  • Урок 163. 00:01:36
    Introduction
  • Урок 164. 00:01:25
    Rating and feedback
Этот курс находится в платной подписке. Оформи премиум подписку и смотри Kubernetes CKS 2021 Complete Course + Simulator, а также все другие курсы, прямо сейчас!
Премиум