KCSA: CNCF KCSA (Kubernetes and Cloud Native Security Associate)
Browse certifications
Exam Resources
Official learning paths, exam details, skills measured, and community resources to supplement your study.
About the KCSA Exam
Secure Kubernetes clusters and cloud native workloads
Master Kubernetes security fundamentals — the 4Cs of cloud native security, cluster component hardening, RBAC, Pod Security Standards, NetworkPolicies, Secrets management, threat modelling with STRIDE and MITRE ATT&CK, supply chain security, image scanning, CIS Benchmarks, OPA Gatekeeper, and compliance frameworks. Original practice questions covering all 6 KCSA domains. Not affiliated with, endorsed by, or sourced from CNCF or Linux Foundation certification exams.
Who Should Take This Exam?
The KCSA is designed for IT professionals with some hands-on experience. 6-12 months of hands-on experience recommended.
Typical study time: 4-8 weeks of focused study
Exam Quick Facts
| Detail | Value |
|---|---|
| Exam Code | KCSA |
| Title | CNCF KCSA (Kubernetes and Cloud Native Security Associate) |
| Duration | 90 minutes |
| Questions | 60 |
| Pass Score | 75% |
| Cost | $250 USD |
| Provider | Linux Foundation / PSI |
| Validity | 2 years |
| Question Types | Multiple choice |
Exam Domains & Weights
The KCSA exam covers 6 domains. Focus your study time based on the weights below — higher-weighted domains have more exam questions.
| Domain | Weight | Practice Qs |
|---|---|---|
| Overview of Cloud Native Security | 14% | 28 |
| Kubernetes Cluster Component Security | 22% | 44 |
| Kubernetes Security Fundamentals | 22% | 44 |
| Kubernetes Threat Model | 16% | 32 |
| Platform Security | 16% | 32 |
| Compliance and Security Frameworks | 10% | 20 |
| Total | 100% | 200 |
💡 Study tip: Kubernetes Cluster Component Security carries the most weight (22%) — start there. Compliance and Security Frameworks has the least (10%), but don’t skip it — exam questions can come from any domain.
Practice Exam — 200 Questions
Prepare for the KCSA with our 200-question practice exam covering all 6 exam domains. Every question includes detailed explanations and maps to official exam objectives.
What you get:
- ✅ Exam simulation mode with timer
- ✅ Spaced repetition for weak areas
- ✅ Detailed explanations for every question
- ✅ Progress tracking across domains
- ✅ 20 free questions — no account needed
CNCF Certification Path
Start with KCNA (Kubernetes & Cloud Native Associate) for fundamentals, then CKA (admin) or CKAD (developer), then CKS (security) or KCSA (security associate).
Related CNCF Certifications
If you’re studying for the KCSA, you might also be interested in these CNCF certifications:
- CKA: CNCF CKA (Certified Kubernetes Administrator) — 200 practice questions
- CKAD: CNCF CKAD (Certified Kubernetes Application Developer) — 200 practice questions
- CKS: Certified Kubernetes Security Specialist — 200 practice questions
- KCNA: CNCF Kubernetes and Cloud Native Associate — 200 practice questions
Study Tips
- Start with the heaviest domain — focus your time where the exam focuses its questions
- Use our practice exam — try the 20 free questions first to gauge your readiness
- Review explanations — don’t just check if you got it right; read why each answer is correct
- Simulate exam conditions — use the timed exam mode to practice under pressure