KCSA Exam Study Guide (Kubernetes and Cloud Native Security Associate)


Kubernetes (KCSA) Preparation Details

Preparing for the Kubernetes and Cloud Native Security Associate (KCSA) exam? Don’t know where to start? This post is the KCSA Certificate Study Guide (with links to each exam objective).

I have curated a list of articles from the Internet for each objective of the KCSA exam. I hope this article will help you to achieve the Kubernetes and Cloud Native Security Associate certification. Also, please share the post within your circles so it helps them to prepare for the exam.

KCSA Kubernetes Exam Coupon

Coupon: Use Code SUMMER25

Kubernetes (KCSA) Course

Udemy Practice TestKubernetes Cloud Native Security Prep
Pluralsight Configuring & Managing Kubernetes Security

Kubernetes (KCSA) Materials

CourseraBuilding Cloud Native and Multicloud
Amazon e-book (PDF) Learn everything about Kubernetes Security

Overview of Cloud Native Security 14%

The 4Cs of Cloud Native Security

Overview of Cloud Native Security

Understanding the 4Cs of Cloud Native Security

Cloud Provider and Infrastructure Security

Cloud Controller Manager

Battle of the 4 Best Kubernetes Cloud Providers

9 essential infrastructure security considerations for Kubernetes

Controls and Frameworks

API Access Control | Kubernetes

Isolation Techniques


4 Methods Of Kubernetes Isolation

Best Practices for Achieving Isolation in Kubernetes Multi-Tenant Environments

Artifact Repository and Image Security

Configuring Your Artifact Repository

Kubernetes artifacts

Images | Kubernetes

Container Image Security Best Practices

Workload and Application Code Security

How to Secure Your Kubernetes Workloads?

What Are Kubernetes Workloads, How They Work & Security Tips

Best Practices for Securing Kubernetes Applications

Kubernetes Cluster Component Security 22%

API Server


The Kubernetes API

Kubernetes API Server

Controller Manager


Kubernetes Controller Manager


Kubernetes Scheduler



kubelet | Kubernetes

What is Kubelet?

Container Runtime

Container Runtimes

Container Runtime Interface (CRI)


kube-proxy | Kubernetes

Kube-Proxy: What Is It and How It Works?


Pods | Kubernetes

What are Kubernetes Pods?


Operating etcd clusters for Kubernetes

Set up a High Availability etcd Cluster with kubeadm

Container Networking

Cluster Networking

Kubernetes Networking: The Complete Guide

Client Security

Controlling Access to the Kubernetes API

Securing a Cluster


Kubernetes Storage: Concepts and Best Practices

Storage Classes | Kubernetes

Kubernetes Security Fundamentals 22%

Pod Security Standards

Pod Security Standards | Kubernetes

Pod Security Admissions

Pod Security Admission | Kubernetes

Apply Pod Security Standards at the Cluster Level

Hands-on with Kubernetes Pod Security Admission


Authenticating | Kubernetes

Authentication and authorization in Kubernetes


Authorization Overview

Using RBAC Authorization


Secrets | Kubernetes

Distribute Credentials Securely Using Secrets

Managing Secrets using kubectl

Isolation and Segmentation

Kubernetes namespaces isolation

Achieving Network, Namespace, and Cluster Isolation in Kubernetes

Implementing Network Segmentation in Kubernetes Clusters

Understanding the Importance of Network Segmentation in Kubernetes

Audit Logging

Kubernetes Audit Logs

Auditing | Kubernetes

Network Policy

Network Policies

Declare Network Policy

Kubernetes Threat Model 16%

Kubernetes Trust Boundaries and Data Flow

A Deep Dive Into Kubernetes Threat Modeling

K8S Threat Model


Advanced Persistent Threat Techniques Used in Container Attacks

Advanced Persistence Threats: The Future of Kubernetes Attacks

Denial of Service

Detect and stop DDoS attacks in a Kubernetes environment

Preventing DoS Kubernetes using Falco and Calico

Malicious Code Execution and Compromised Applications in Containers

Kubernetes Vulnerability Leads to Remote Code Execution

Kubernetes flaws could lead to remote code execution on Windows endpoints

Attacker on the Network

Kubernetes Network Attacks

Attacking Kubernetes Clusters Through Your Network Plumbing

Access to Sensitive Data

How to Store and Use Sensitive Data in Kubernetes Clusters

Securing Sensitive Data with Kubernetes Secrets

Privilege Escalation

Kubernetes RBAC: Privilege Escalation Exploits and Mitigations

Check Kubernetes Configuration for Privilege Escalation

Platform Security 16%

Supply Chain Security

A MAP for Kubernetes supply chain security

Securing the Supply Chain for Kubernetes

Image Repository

Image Repositories


Ultimate Guide to Kubernetes Observability

Mastering Kubernetes Observability

Service Mesh

What is Kubernetes Service Mesh?

Managing microservices with the Istio service mesh


PKI certificates and requirements

Importance of PKI and TLS Certificates in Kubernetes


The Future of Kubernetes Connectivity

Admission Control

Dynamic Admission Control

A Guide to Kubernetes Admission Controllers | Kubernetes

Compliance and Security Frameworks 10%

Compliance Frameworks

Understanding Kubernetes Compliance and Security Frameworks

Threat Modelling Frameworks

How to Build a Threat Model for Kubernetes Systems

Kubernetes Threat Modeling

Supply Chain Compliance

Supply Chain Compliance

Automation and Tooling

3 Tools to Automate your Kubernetes Cluster Deployment

6 Kubernetes workflows and processes you can automate

This brings us to the end of the KCSA Kubernetes and Cloud Native Security Associate study guide.

What do you think? Let me know in the comments section if I have missed out on anything. Also, I love to hear from you about how your preparation is going on!

In case you are preparing for other DevOps certification exams, check out the DevOps certificate study guides for those exams.

Follow Me to Receive Updates on the KCSA Exam

Want to be notified as soon as I post? Subscribe to the RSS feed / leave your email address in the subscribe section. Share the article to your social networks with the below links so it can benefit others.

Share the KCSA Study Guide in Your Network

You may also like