Open in app

Sign in

Write

Sign in

My CKS Experience

Arnav Tripathy
4 min readMay 19, 2024

--

CKS image

Certified Kubernetes Security Specialist(CKS) is a certification exam provided by Linux Foundation to test a candidate’s security knowledge and application in Kubernetes. In order to pass the exam, a candidate must pass a 2 hours hands-on exam where they’ll have to apply security best practices on Kubernetes clusters. This was a certification I was keen to achieve since I wasn’t very strong with Kubernetes security as such and wanted to improve my skills in Devsecops.

Before we dive into the review, a quick background about myself: I work as a Security Engineer in Browserstack where my daily work involves security tooling and automation on both the application side and Cloud side. Before Browserstack, I used to work as a Devops engineer where I honed my skills in Kubernetes by deploying and managing multiple clusters from scratch. It would be fair to say that I have decent experience in Kubernetes and my basics in architecture and debugging failures when it comes to Kubernetes is on a good level. This is very important when it comes to CKS because apart from security, CKS really tests your basics in Kubernetes when something goes wrong. For example, you might apply something the wrong way and it might get tedious to debug if your basics in Kubernetes are not clear.

To start off, I started my preparation for the exam on the first week of April 2024. I used the CKS course available in Kodekloud exclusively for my preparation for the course. I was able to breeze through the course since most of my basics were clear and it did not take much time to understand and apply the concepts taught. There were many days where I didn’t do any studying throughout April since I had to travel for work but overall, I would still say it was smooth. I scheduled my exam on May 12th 2024. I was confident I would pass the exam with ease and minimal issues.

Boy was I wrong! I failed my first attempt quite badly :( . I got a score of 49 (passing mark is 67) out of 100 and it tore down my confidence. Here’s where I went wrong:

  • I had read multiple reviews that the exam was gonna be lengthy and would be hard to complete all the questions. So I had decided to skip preparing for a few questions such as the Falco one and few more in order to save time.
  • I had grossly underestimated the exam environment. The first time I used it, I was very frustrated with it and lost a lot of time in being acquainted with it.
  • I was very overconfident that I can solve everything with ease and as a result I didn’t spend time in learning how to verify my applied configurations. The exam quickly humbled me and brought me down to earth in the first few questions itself which were harder than the ones I had practiced. Since I didn’t know if what I had applied was correct, I was not sure with what I was doing

Since my voucher was going to expire on May 18th, i had no choice but to schedule my second take 6 days after my first exam. This left me with only 5 days to prepare including my full time work. Here’s what I changed about my preparation and you should too before giving the exam:

  • Spend time in debugging and verifying your applied configurations. This will give you a peace of mind in the exam and know where you went wrong. Learn how you can debug a wrongly applied RBAC and static Pod configuration.
  • Do the killer.sh challenges included with your exam voucher. This will give you a feel of how the exam environment will be like. I had foolishly skipped those challenges and post my first attempt, I facepalmed myself hard. Resize the browser so that you can search in the browser using Ctrl+F .
  • Practice for 100%. Do not leave out the lengthy questions. This is more of a mindset thing rather than a technical prep thing. Practicing for 100% will give you the confidence to tackle the exam.

With these changes in my preparation, I gave my second attempt on May 18th 2024 and passed the exam with 74. I am not really sure where I went wrong because I thought I had applied all my configs correctly. But nonetheless, I was happy I passed the exam. I am excited to apply all the knowledge I learnt for this certification in my work.

About killer.sh : The questions in killer.sh are a lot harder to solve within the timeframe. It also contains questions beyond the scope of the exam, so I would recommend to use killer.sh as a learning tool rather than an evaluation tool. Go through each solution and practice them, you’ll definitely learn a lot. :)

One free alternative I can recommend besides Kodekloud is the below Youtube video. The material is more than enough to pass the exam.
https://www.youtube.com/watch?v=d9xfB5qaOfg

You can check out my experience for other Kubernetes certs:

CKAD: https://arnavtripathy98.medium.com/my-ckad-experience-9494de3835a

CKA: https://medium.com/@arnavtripathy98/my-cka-experience-ckad-vs-cka-faq-2c27ca7892ab

P.S. I have documented my experience for other major CyberSecurity certs such as OSCP, CRTP, etc. You can check out the other blogs in my profile :)

Kubernetes
Devsecops
DevOps
Cybersecurity
Docker

--

--

Arnav Tripathy

Written by Arnav Tripathy

629 Followers

Feline powered security engineer . Follow me for a wide variety of topics in the field of cyber security and dev(sec)ops. Kubestronaut FTW!

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams