EX425

Descrizione esame

L’esame Red Hat Certified Specialist in Security: Containers and OpenShift Container Platform exam (EX425) testa e abilità nell’identificare e mitigare minacce basandosi su OpenShift. L’esame si focalizza sull’implementazione e la gestione sicura di architetture, processi e procedure di applicazioni containerizzate e software-defined networking.

Passato l’esame è possibile ottenere competenze come Red Hat Certified Specialist in Security: Containers and OpenShift Container Platform, utile anche al conseguimento della certificazione a Red Hat Certified Architect (RHCA).

Questo esame è basato su Red Hat® OpenShift® Container Platform 3.11.

Argomenti dell'esame

• Understand, identify, and work with containerization features
• Deploy a preconfigured application and identify crucial features such as namespaces, SELinux labels, and cgroups
• Deploy a preconfigured application with security context constraint capabilities and view the application’s capability set
• Configure security context constraints
• Use trusted registries
• Load images into a registry
• Query images in a registry
• Work with trusted container images
• Identify a trusted container image
• Sign images
• View signed images
• Scan images
• Load signed images into a registry
• Build secure container images
• Perform simple S2I builds
• Implement S2I build hooks
• Automate builds using Jenkins
• Automate scanning and code validations as part of the build process
• Control access to OpenShift Container Platform clusters
• Configure users with different permission levels, access, and bindings
• Configure OpenShift Container Platform to use Red Hat Identity Management services (IdM) for authentication
• Query users and groups in IdM
• Log into OpenShift Container Platform using an IdM managed account
• Configure single sign-on (SSO)
• Install SSO authentication
• Configure OpenShift Container Platform to use SSO
• Integrate web applications with SSO
• Automate policy-based deployments
• Configure policies to control the use of images and registries
• Use secrets to provide access to external registries
• Automatically pull and use images from a registry
• Use triggers to verify that automated deployments work
• Manage orchestration
• Restrict nodes on which containers may run
• Use quotas to limit resource utilization
• Use secrets to automate access to resources
• Configure network isolation
• Create software-defined networks (SDN)
• Associate containers and projects with SDNs
• Configure and manage secure container storage
• Configure and secure file-based container storage
• Configure and secure block-based container storage