ABOUT US

ICSI is a UK registered company that offers specialized and accredited professional qualifications in cybersecurity for young IT graduates as well as mature professionals. It was created in response to the growing threats of cyber-crimes and the resulting demand for data security and protection.

ICSI | Certifications
white_logo_transparent_background.png
VISIT US

Bletchley Park Science and Innovation Centre Bletchley , Milton Keynes 
MK3 6EB

tel: +44 (0) 19 08 88 04 93

Contrary to other course providers, our technical courses exams are performance based (not multiple choice). This assures any prospective employer that you are indeed familiar with real-life cybersecurity problems, and gives you the confidence you will need in a new work environment.

Course Outline: Secure Docker and Kubernetes

Duration:  3 Days 


Candidate Prerequisites: 

Basic Familiarity with Networking and Linux Operating System.

Overview:

This Docker and Kubernetes have changed the game on application deployment with a major impact on web development. In order to effectively use Docker or Kubernetes you need to be aware of potential security issues and the techniques to secure containers. This 3-day hands-on training course will provide techniques and tools for attacks against Docker, Kubernetes and container infrastructure.  Best practices will be shown on how to secure Docker and Kubernetes and how to run containers securely. At the end several tools will be demonstrated on how to assess Docker, Kubernetes and containers to identify vulnerabilities.


Who Should Attend:

  • System Administrators

  • IT Security Administrators

  • IT Security Engineers

  • Penetration Testers

  • Cloud Architects

What is Included:
•    eBook
•    Lab Guide
•    6 months 24x7 remote access to a virtual lab
•    Certificate of Attendance (Digital)

 

Day 1


Module 1: Introduction to Docker

  • What is Docker

  • Docker History

  • Docker Engine

  • Docker Hub
     

Module 2: Docker Architecture and Components

  • Docker Daemon

  • Images and Containers

  • containerd

  • runc

  • Docker Client

  • Docker Registry

  • Docker Swarm
     

Module 3: Docker Network Drivers

  • Bridge Network

  • Host Network

  • None Network

  • MACVLAN

  • Overlay Network
     

Module 4: Working with Images

  • Overview of Dockerfile

  • Docker Layers

  • Building Images
     

Day 2
 

Module 5: Container Fundamentals

  • What Containers Are

  • Linux Containers

  • Windows Containers
     

Module 6: Docker Security

  • Kernel Namespaces

  • Control Groups

  • Linux Kernel Capabilities

  • Docker Daemon Attack Surface

  • TCP Listening

  • Docker.SOCK

  • Compromising Containers
     

Module 7: Docker Swarm

  • Docker Swarm Features

  • Components of Docker Swarm

  • Docker Swarm Security

 

Day 3
 

Module 8: Introduction to Kubernetes

  • Overview of Kubernetes

  • Distribution categories

  • Architecture of Kubernetes

  • Components of Kubernetes

  • Setting up clusters
     

Module 9: Kubernetes Security

  • Kubernetes Attacks

  • Attacking API server

  • Kubelet Attacks

  • Attacking etcd

  • Exploiting Tokens
     

Module 10: Vulnerability Assessment

  • Container Vulnerability Scanning

  • Vulnerability Assessment with CLAIR

  • Vulnerability Assessment with TRIVY

  • Scanning with AQUA

  • CVEs
     

Module 11: Catch the Flag