Kurzy a certifikace Red Hat
EX425 - Red Hat Certified Specialist in Security: Containers and OpenShift Container Platform exam
The Red Hat Certified Specialist in Security: Containers and OpenShift Container Platform exam (EX425) tests your ability to identify and mitigate threats to OpenShift container-based infrastructure. The exam focuses on implementing and managing secure architecture, policies, and procedures for modern containerized applications and software-defined networking.
By passing this exam, you become a Red Hat Certified Specialist in Security: Containers and OpenShift Container Platform, which also counts toward becoming a Red Hat Certified Architect (RHCA).
This exam is based on Red Hat® OpenShift® Container Platform 3.11.
- System administrators or developers who want to demonstrate their ability to properly secure containers
- System administrators or developers who are working in a DevOps environment using Red Hat OpenShift Container Platform
- Red Hat Certified Engineers who wish to become Red Hat Certified Architects
Study points for the exam
To help you prepare, these exam objectives highlight the task areas you can expect to see covered in the exam.
Red Hat reserves the right to add, modify, and remove exam objectives. Such changes will be made public in advance.
Understand, identify, and work with containerization features
- Deploy a preconfigured application and identify crucial features such as namespaces, SELinux labels, and cgroups
- Deploy a preconfigured application with security context constraint capabilities and view the application’s capability set
- Configure security context constraints
Use trusted registries
- Load images into a registry
- Query images in a registry
Work with trusted container images
- Identify a trusted container image
- Sign images
- View signed images
- Scan images
- Load signed images into a registry
Build secure container images
- Perform simple S2I builds
- Implement S2I build hooks
- Automate builds using Jenkins
- Automate scanning and code validations as part of the build process
Control access to OpenShift Container Platform clusters
- Configure users with different permission levels, access, and bindings
- Configure OpenShift Container Platform to use Red Hat Identity Management services (IdM) for authentication
- Query users and groups in IdM
- Log into OpenShift Container Platform using an IdM managed account
Configure single sign-on (SSO)
- Install SSO authentication
- Configure OpenShift Container Platform to use SSO
- Integrate web applications with SSO
Automate policy-based deployments
- Configure policies to control the use of images and registries
- Use secrets to provide access to external registries
- Automatically pull and use images from a registry
- Use triggers to verify that automated deployments work
- Restrict nodes on which containers may run
- Use quotas to limit resource utilization
- Use secrets to automate access to resources
Configure network isolation
- Create software-defined networks (SDN)
- Associate containers and projects with SDNs
Configure and manage secure container storage
- Configure and secure file-based container storage
- Configure and secure block-based container storage
As with all Red Hat performance-based exams, configurations must persist after reboot without intervention.
Scores and reporting
Official scores for exams come exclusively from Red Hat Certification Central. Red Hat does not authorize examiners or training partners to report results to candidates directly. Scores on the exam are usually reported within 3 U.S. business days.
Exam results are reported as total scores. Red Hat does not report performance on individual items, nor will it provide additional information upon request.
Prerequisites for this exam
- Become a Red Hat Certified System Administrator, or possess comparable work experience and skills (Red Hat Certified Engineer would be even better)
- Take Introduction to Containers, Kubernetes, and Red Hat OpenShift (DO180), or possess comparable work experience using containers
- Review the exam objectives