diff --git a/README-cks.md b/README-cks.md index 5486be4..2d6fea6 100644 --- a/README-cks.md +++ b/README-cks.md 
@@ -19,64 +19,65 @@ These are the exam objectives you review and understand in order to pass the tes ### 10% - [Cluster Setup](https://kubernetes.io/docs/tasks/administer-cluster/securing-a-cluster/) -* [Use Network security policies to restrict cluster level access]() -* [Use CIS benchmark to review the security configuration of Kubernetes components]() +1. [Use Network security policies to restrict cluster level access]() +1. [Use CIS benchmark to review the security configuration of Kubernetes components]() (etcd, kubelet, kubedns, kubeapi) -* [Properly set up Ingress objects with security control]() -* [Protect node metadata and endpoints]() -* [Minimize use of, and access to, GUI elements]() -* [Verify platform binaries before deploying]() +1. [Properly set up Ingress objects with security control]() +1. [Protect node metadata and endpoints]() +1. [Minimize use of, and access to, GUI elements]() +1. [Verify platform binaries before deploying]() ### 15% - Cluster Hardening -* [Restrict access to Kubernetes API]() -* [Use Role Based Access Controls to minimize exposure]() -* [Exercise caution in using service accounts e.g. disable defaults, minimize permissions on newly created ones]() -* [Update Kubernetes frequently]() -* [Minimize host OS footprint (reduce attack surface)]() -* [Minimize IAM roles]() -* [Minimize external access to the network]() -* [Appropriately use kernel hardening tools such as AppArmor, seccomp]() +1. [Restrict access to Kubernetes API]() +1. [Use Role Based Access Controls to minimize exposure]() + * [handy site collects together articles, tools and the official documentation all in one place](https://rbac.dev/) +1. [Exercise caution in using service accounts e.g. disable defaults, minimize permissions on newly created ones]() +1. [Update Kubernetes frequently]() +1. [Minimize host OS footprint (reduce attack surface)]() +1. [Minimize IAM roles]() +1. [Minimize external access to the network]() +1. 
[Appropriately use kernel hardening tools such as AppArmor, seccomp]() ### 15% System Hardening -* [Minimize host OS footprint (reduce attack surface)]() -* [Minimize IAM roles]() -* [Minimize external access to the network]() -* [Appropriately use kernel hardening tools such as AppArmor, seccomp]() +1. [Minimize host OS footprint (reduce attack surface)]() +1. [Minimize IAM roles]() +1. [Minimize external access to the network]() +1. [Appropriately use kernel hardening tools such as AppArmor, seccomp]() !? where is selinux? assume exam systems are ubuntu ### 20% - Minimize Microservice Vulnerabilities -* [Setup appropriate OS level security domains e.g. using PSP, OPA, security contexts]() -* [Manage kubernetes secrets]() -* [Use container runtime sandboxes in multi-tenant environments (e.g. gvisor, kata containers)]() -* [Implement pod to pod encryption by use of mTLS]() +1. [Setup appropriate OS level security domains e.g. using PSP, OPA, security contexts]() +1. [Manage kubernetes secrets]() +1. [Use container runtime sandboxes in multi-tenant environments (e.g. gvisor, kata containers)]() +1. [Implement pod to pod encryption by use of mTLS]() ### 20% - Supply Chain Security -* [Minimize base image footprint]() -* [Secure your supply chain: whitelist allowed image registries, sign and validate images]() -* [Use static analysis of user workloads (e.g. kubernetes resources, docker files)]() -* [Scan images for known vulnerabilities]() +1. [Minimize base image footprint]() +1. [Secure your supply chain: whitelist allowed image registries, sign and validate images]() +1. [Use static analysis of user workloads (e.g. kubernetes resources, docker files)]() +1. [Scan images for known vulnerabilities]() ### 20% - Monitoring, Logging and Runtime Security -* [Perform behavioral analytics of syscall process and file activities at the host and container +1. 
[Perform behavioral analytics of syscall process and file activities at the host and container level to detect malicious activities]() -* [Detect threats within physical infrastructure, apps, networks, data, users and workloads]() -* [Detect all phases of attack regardless where it occurs and how it spreads]() -* [Perform deep analytical investigation and identification of bad actors within environment]() -* [Ensure immutability of containers at runtime]() -* [Use Audit Logs to monitor access]() +1. [Detect threats within physical infrastructure, apps, networks, data, users and workloads]() +1. [Detect all phases of attack regardless where it occurs and how it spreads]() +1. [Perform deep analytical investigation and identification of bad actors within environment]() +1. [Ensure immutability of containers at runtime]() +1. [Use Audit Logs to monitor access]() ### Extra Kubernetes security resources -* [Aquasecurity Blogs](https://blog.aquasec.com/) -* [control-plane/Andrew Martin @sublimino: 11 ways not to get hacked](https://control-plane.io/posts/11-ways-not-to-get-hacked/) -* [InGuardians/Jay Beale: Kubernetes Practical attacks and defenses](https://youtu.be/LtCx3zZpOfs) -* [Google/Ian Lewis : Kubernetes security best practices](https://youtu.be/wqsUfvRyYpw) +1. [Aquasecurity Blogs](https://blog.aquasec.com/) +1. [control-plane/Andrew Martin @sublimino: 11 ways not to get hacked](https://control-plane.io/posts/11-ways-not-to-get-hacked/) +1. [InGuardians/Jay Beale: Kubernetes Practical attacks and defenses](https://youtu.be/LtCx3zZpOfs) +1. [Google/Ian Lewis : Kubernetes security best practices](https://youtu.be/wqsUfvRyYpw) #### CVEs -* [CNCF Kubernetes Security Anatomy and the Recently Disclosed CVEs (CVE-2020-8555, CVE-2020-8552)](https://youtu.be/Dp1RCYCpyJk) +1. [CNCF Kubernetes Security Anatomy and the Recently Disclosed CVEs (CVE-2020-8555, CVE-2020-8552)](https://youtu.be/Dp1RCYCpyJk)
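Review bot: the line `!? where is selinux? assume exam systems are ubuntu` added under System Hardening is a scratch note to the author, not README content; resolve it before merging, either by dropping it or by turning it into a proper list item that states the assumption plainly (the objectives in this hunk name AppArmor and seccomp as the kernel hardening tools, so noting that the study material targets AppArmor-based hosts is enough). Two smaller points in the same hunk: the nested RBAC entry `* [handy site collects together ...](https://rbac.dev/)` uses a `*` bullet under a parent list that this change converts to `1.`, so the marker style is now mixed within one list; and every objective link is still an empty `[]()` target, so the numbered rewrite leaves the Cluster Hardening and System Hardening sections carrying the same four duplicated items (host OS footprint, IAM roles, external network access, AppArmor/seccomp) with nowhere to link to. Consider deduplicating those four into one section, or adding a short TODO line explaining that the targets are placeholders to be filled in.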