Exam Tips & Cheatsheets
Overview
This section provides everything you need for the final stretch of your CKS exam preparation. From environment setup to command cheatsheets, these resources are designed to be reviewed in the days leading up to your exam and used as quick references during practice sessions.
How to Use This Section
- Read through all pages at least once during your study period
- Practice the environment setup steps until they are muscle memory
- Review the cheatsheets the night before your exam
- During the exam, recall the patterns -- do NOT open this guide (use kubernetes.io instead)
Exam Day Strategy
Time Management Strategy
The CKS exam is 120 minutes with approximately 15-20 questions. Every minute counts.
Time Budget
| Phase | Duration | Activity |
|---|---|---|
| Setup | 2-3 min | Configure shell, aliases, autocompletion |
| Scan | 3-5 min | Read every question, categorize difficulty |
| Quick wins | 20 min | Complete all easy questions (4-5% weight) |
| Medium | 50 min | Work through medium difficulty questions |
| Hard | 35 min | Tackle complex, multi-step questions |
| Review | 10 min | Verify work, revisit flagged questions |
Per-Question Time Limits
| Question Weight | Max Time | Action if Exceeded |
|---|---|---|
| 4% | 5 minutes | Flag immediately, move on |
| 5-6% | 7 minutes | One more minute, then flag |
| 7-8% | 10 minutes | Finish current step, then flag |
| 9-13% | 14 minutes | These are worth fighting for |
The #1 Reason People Fail
Running out of time. Candidates get stuck on a hard question, spend 20+ minutes on it, and then rush through 5 easy questions they could have aced. Always do easy questions first.
Environment Setup Tips
First 2-3 Minutes of the Exam
These commands should be muscle memory:
# 1. Set up kubectl alias and autocompletion
alias k=kubectl
source <(kubectl completion bash)
complete -o default -F __start_kubectl k
# 2. Export common variables
export do="--dry-run=client -o yaml"
export now="--force --grace-period=0"
# 3. Set up vim for YAML editing
cat >> ~/.vimrc << 'EOF'
set tabstop=2
set shiftwidth=2
set expandtab
set number
set autoindent
EOF
# 4. Verify cluster access
k get nodestmux Quick Setup
If the exam environment supports tmux:
# Start tmux
tmux
# Split pane horizontally (for reference)
# Ctrl+b then " (horizontal split)
# Ctrl+b then % (vertical split)
# Ctrl+b then arrow keys to switch panesWhat to Do First
Context Switching
Always check which cluster context you are in before starting a question. The most common mistake is applying a resource to the wrong cluster. Run:
kubectl config current-contextbefore every question.
Common Mistakes to Avoid
YAML Mistakes
- Indentation errors: YAML uses spaces, not tabs. A single wrong indent breaks everything
- Missing namespace: Forgetting to specify
-n namespacewhen applying resources - apiVersion mismatch: Using
v1beta1whenv1is required (check your Kubernetes version)
Security Context Mistakes
- Setting
readOnlyRootFilesystem: truewithout emptyDir volumes for/tmp,/var/cache, etc. - Forgetting to set
allowPrivilegeEscalation: false-- this is required by the restricted PSS - Setting
runAsNonRoot: truebut not providing arunAsUser(some images default to root)
NetworkPolicy Mistakes
- Applying to the wrong namespace
- Forgetting DNS egress rules when using deny-all egress
- Confusing
namespaceSelectorANDpodSelectorvs OR logic (singlefromentry = AND; separatefromentries = OR)
RBAC Mistakes
- Confusing
Role(namespaced) withClusterRole(cluster-wide) - Forgetting
apiGroups: [""]for core resources (pods, services, secrets) - Using
apiGroups: ["apps"]for pods (pods are in the core group"")
Static Pod Manifest Mistakes
- Not waiting for the API server to restart after editing
/etc/kubernetes/manifests/ - Missing volume mounts for new file paths referenced in flags
- Syntax errors that prevent the API server from starting (always check with
crictl ps)
Available Resources
| Resource | Description |
|---|---|
| kubectl Security Cheatsheet | Security-focused kubectl commands by category |
| YAML Templates | Copy-paste ready YAML for all common CKS resources |
| Tools Reference | Quick reference for trivy, falco, kube-bench, and more |
| Exam Day Checklist | Pre-exam and during-exam checklists with setup scripts |
Allowed Documentation During the Exam
You are allowed to access the following during the CKS exam:
- https://kubernetes.io/docs/
- https://kubernetes.io/blog/
- https://github.com/kubernetes/
- Tool-specific documentation (trivy, falco, etc.)
Bookmark key pages before your exam. See the Exam Day Checklist for recommended bookmarks.