EX430

Exam description

The Red Hat Certified Specialist in OpenShift Advanced Cluster Security is a performance-based test used to assess the skills and knowledge to manage Red Hat Advanced Cluster Security for Kubernetes.

By passing this exam, you become a Red Hat Certified Specialist in OpenShift Advanced Cluster Security that also counts towards earning a Red Hat Certified Architect (RHCA®).

This exam is based on Red Hat Advanced Cluster Security for Kubernetes 4.6. 

Audience for this exam

• Platform Engineers, Cloud Administrators, System Administrators, Security Administrators, and other infrastructure-related IT roles who are responsible for providing and supporting security for applications deployed on Red Hat OpenShift Container Platform.
• Enterprise Architects, Site Reliability Engineers, DevOps Engineers, and other application-related IT roles who are responsible for designing secure infrastructure for applications deployed on Red Hat OpenShift Container Platform

Prerequisites for this exam

• Experience with importing secured clusters into Red Hat Advanced Cluster security for Kubernetes
• Experience with monitoring and managing vulnerabilities with Red Hat Advanced Cluster Security for Kubernetes
• Experience with Implementing deploy-time and runtime policies with Red Hat Advanced Cluster Security for Kubernetes
• Experience with managing network segmentation with Red Hat Advanced Cluster Security for Kubernetes
• Experience with managing compliance to industry standards with Red Hat Advanced Cluster Security for Kubernetes
• Experience with integrating Red Hat Advanced Cluster Security for Kubernetes with third parties
• Red Hat OpenShift Administration II: Configuring a Production Cluster (DO280) or equivalent experience
• Red Hat OpenShift Administration III: Scaling Deployments in the Enterprise or equivalent experience
• Red Hat Advanced Cluster Security for Kubernetes 4.6 or equivalent experience
• Take our free assessment to find the course that best supports your preparation for this exam

In preparation 

Candidates for the Red Hat Certified Specialist in OpenShift Advanced Cluster Security should be able to accomplish the tasks below without assistance

Study points for the exam

To help you prepare, the exam objectives highlight the task areas you can expect to see covered in the exam. Red Hat reserves the right to add, modify, and remove exam objectives. Such changes will be made public in advance. 

As part of this exam, you should be able to perform these tasks:

• Import secured clusters into Red Hat Advanced Cluster Security for Kubernetes (RHACS)
  • Investigate the architecture of RHACS and its components
  • Deploy the RHACS operator
  • Configure RHACS Central and its components so RHACS can monitor and audit them
• Manage Vulnerabilities with RHACS
  • Manage vulnerability data sources and scanning
  • Detect Common Vulnerabilities and Exposures (CVE)
  • Understand CVE Categories
  • Understand the vulnerability deferral process
  • Generate vulnerability reports
  • Interpret vulnerability results
  • Manage vulnerability notifications
  • Assess risk in deployments
• Manage Policies with RHACS
  • Manage default security policies
  • Examine policy violations
  • Understand the admission controller enforcement
  • Enforce deploy-time policies on a secured cluster
  • Enforce runtime policies on a secured cluster
• Manage network segmentation with RHACS
  • Analyze network traffic with the network graph
  • Manage network baselines
  • Audit listening endpoints
  • Manage network policies
  • Manage build-time policy generation and enforcement
• Manage compliance to industry standards with RHACS
  • Deploy the Compliance Operator on a secured cluster
  • Manage compliance
  • Manipulate compliance reports
  • Configure tailored profiles
• Apply third-party integrations with RHACS
  • Integrate external private image registries
  • Troubleshoot common issues with integration
  • Integrate an OIDC provider for authentication
  • Integrate object storage for managing backups
  • Use s3cmd tool to consult buckets
  • Backup and restore custom deployment

Preparation

Red Hat encourages you to consider taking Securing Kubernetes Clusters with Red Hat Advanced Cluster Security (DO430) to help prepare.  Attendance in these classes is not required; students can choose to take just the exam.

While attending Red Hat classes can be an important part of your preparation, attending class does not guarantee success on the exam. Previous experience, practice, and native aptitude are also important determinants of success.

Many books and other resources on system administration for Red Hat products are available. Red Hat does not endorse any of these materials as preparation guides for exams. Nevertheless, you may find additional reading helpful to deepen your understanding.

Exam format

The Red Hat Certified Specialist in OpenShift Advanced Cluster Security exam is a hands-on, practical exam that requires you to undertake real-world tasks. This exam consists of a single section lasting four hours. Internet access is not provided during the exam, and you will not be permitted to bring any hard copy or electronic documentation into the exam. This prohibition includes notes, books, or any other materials. For most exams, the documentation that ships with the product is available during the exam.

Scores and reporting    

Official scores for exams come exclusively from Red Hat Certification Central. Red Hat does not authorize examiners or training partners to report results to candidates directly. Scores on the exam are usually reported within 3 U.S. business days.

Exam results are reported as total scores. Red Hat does not report performance on individual items, nor will it provide additional information upon request.