CKS labs Task Description Solution 01 kubectl contexts SOLUTION 02 Falco, sysdig SOLUTION 03 Kube-api. disable access via nodePort SOLUTION 04 Pod Security Standard SOLUTION 05 CIS Benchmark SOLUTION 07 Open Policy Agent - Blacklist Images SOLUTION 09 AppArmor SOLUTION 10 Container Runtime Sandbox gVisor SOLUTION 11 Read the complete Secret content directly from ETCD SOLUTION 17 Enable audit log SOLUTION 19 Fix Dockerfile SOLUTION 20 Update Kubernetes cluster SOLUTION 21 Image Vulnerability Scanning SOLUTION 22 Network policy SOLUTION 23 Set tls version and allowed ciphers for etcd, kube-api SOLUTION 24 Encrypt secrets in ETCD SOLUTION 25 Image policy webhook SOLUTION