About the course

About the course

Cyber security is one of the fastest growing fields in the information technology industry and with our cyber security course, you’ll maximise your career opportunities.

Gain the skills and knowledge needed for a career as a cyber security paraprofessional.

During this cyber security course, you will develop the comprehensive technical skills and knowledge to:

  • monitor the risks of cyber security attacks
  • prepare and implement appropriate risk management plans
  • prepare and implement appropriate mitigation solutions
  • use a range of tools and procedures to identify and block cyber security threats
  • protect an organisation from insider security breaches
  • develop and implement risk mitigation solutions for cloud systems
  • implement privacy and compliance policies in accordance with Australian Cyber Law

As a cyber security paraprofessional, you’ll work closely with the security team to detect and determine breaches in a company's network and security systems. You will be part of a team of security practitioners who will develop, monitor and maintain cyber security policies, security procedures and operations for medium to large organisations.  

Study scholarships are available if you already hold higher qualifications.

A panel of Australian cyber security industry leaders developed the course. The panel included cyber security specialists in the security, banking, information technology and telecommunications industries. 

Like Box Hill Institute - IT & Cyber Security on Facebook Facebook
Follow Box Hill Institute - IT & Cyber Security on Instagram Instagram

Course Details


Intake Dates & Course Length

February and July

Full time: 12 months

Part time: flexible (the time taken to complete this course will vary depending on the number of units you are enrolled in and your input) 

Evening: selected units are offered in the evening each semester

Student support
balance scales icon
Learn more about

study-life balance

Student Support Services

Career Outcomes

This Advanced Diploma in Cyber Security qualification provides the skills and knowledge for an individual to integrate into Cyber Security teams in both large and small organisations. 

Possible job titles relevant to this qualification include:

  • cyber operations analyst
  • network security administrator
  • cyber security systems administrator
  • cyber security systems coordinator
  • enterprise cyber systems administrator
  • cyber security operations administrator
  • cyber network services administrator
  • cyber security network support administrator
Skills and Jobs Centres
Skills and Job Centres logo
Speak to a Career Advisor

at our Skills and Jobs Centres at each campus.

Find out More

Entry Requirements

You must:

  • have successfully completed Australian Year 12 or international equivalent,
  • Certificate IV in Cyber Security or equivalent
  • direct entry will be considered for a mature age applicant who has worked in the cyber security industry with the addition of a bridging unit from the Certificate IV in Cyber Security. You may be required to attend an interview to establish that you have the necessary cyber security skills and knowledge to undertake advanced diploma level learning.
  • have a current Working With Children Check and a National Police Check if you wish to participate in work placement activities


To assist prospective students to determine whether a course is suitable and appropriate for the individual needs, Box Hill Institute will assess all students’ language, literacy and numeracy and digital literacy by asking you to undertake a self-assessment review prior to the enrolment.

A course advisor will discuss the outcomes of the review and make recommendations about whether the course is suitable for you, and identify additional support where required.


Direct entry and VTAC

Recognition of Prior Learning is available.

Pathways & Accreditation

Successful completion will enable you to apply for entry to our Bachelor of Computer Systems or degrees at other higher education providers.

This course is government accredited and has national recognition

The qualification is aligned with the Australian Qualification Framework (AQF) level 6

Fees & Finance Options

This training is provided to eligible individuals with funds made available by the Commonwealth and Victorian Governments

Tuition Fee Type Estimated Annual Fee
Gov. Subsidised - Standard $10,730.00
Full Tuition Fee $17,110.00
Service Fees Estimated Annual Fees
Service & Amenities*$155.00
Core Skills Support**$75.00
Annual Material Fees$348.00
Retain Course Items***No fee applies
* Does not apply to VETiS or Short course students.

** Does not apply to VETiS, International students, Short Courses, Graduate Degrees , or re-enrolling students who re-enrol in the same course.

***Retained Course Items are purchased by the student once prior to commencing. The course items bought by the student become the property of the student. Such items retain a generic application for other purposes outside the student's course of study (e.g. textbooks).

Annual student tuition & material fees as published are subject to change given individual circumstances at enrolment. Fees listed are for 2019 and may increase annually over the duration of delivery. Advertised start dates and delivery locations are subject to viable student numbers. For more information please contact our Course Advisors on 1300 BOX HILL.
Student support
piggy bank with coin icon
Learn more about

our financial support options

Learn about your options

Course Structure

To be awarded the Advanced Diploma of Cyber Security participants must complete a total of:

    • 9 core units, plus
    • 11 elective units

A minimum of 2 units must be selected from each of the 4 elective streams (General, Intrusion Analyst, Penetration Testing and Security Engineering streams). The remaining 3 units may be selected from the 4 elective streams or from any endorsed training package or accredited course at Diploma level or above where they are consistent with the vocational outcomes of the course.

Units selected from other training packages or accredited courses must not duplicate units selected from the core or elective streams.



  • BSBWOR502 Lead and manage team effectiveness
    60.0 hours

    This unit describes the skills and knowledge required to lead teams in the workplace and to actively engage with the management of the organisation. It applies to individuals working at a managerial level who facilitate work teams and build a positive culture within their work teams. At this level, work will normally be carried out using complex and diverse methods and procedures requiring the exercise of considerable discretion and judgement, using a range of problem solving and decision making strategies.

  • ICTNWK525 Configure an enterprise virtual computing environment
    60.0 hours

    This unit describes the skills and knowledge required to develop and implement virtualisation technologies, with the goal of providing a more sustainable information and communications technology (ICT) environment.

    It applies to individuals working as senior networking staff responsible for increasing the sustainability of an organisation, by using virtualisation technologies.

  • VU22240 Communicate cyber security incidents within the organisation
    40.0 hours

    This unit provides the knowledge and skills for a practitioner to communicate the effects of cyber security incidents to appropriate personnel in the organisation. This involves understanding communication styles, setting up and contributing to the team that deals with cyber security incidents for the organisation. It also includes gathering and sorting the appropriate information and presenting it using the appropriate communication style for different groups and personnel in the organisation.

  • VU22241 Interpret and utilise key security frameworks, policies and procedures for an organisation
    40.0 hours

    This unit provides the knowledge and skills to recognise and utilise key security standards, organisations and bodies that offer resources and support to an organisation addressing cyber security risk. Resources are reviewed for potential implementation within the organisation.

  • VU22242 Assess and secure cloud services
    80.0 hours

    This unit introduces learners to the principles and operation of the cloud model and cloud services. It provides the knowledge and skills to categorise and select cloud services for an organisation as well as the ability to examine the security issues relating to cloud data and services.

    The unit also introduces the current industry practices that support an organisation to secure its’ cloud based data and application services.

  • VU22243 Develop software skills for the cyber security practitioner
    80.0 hours

    The unit provides the knowledge and skills to examine concepts and operation of an executable (exe) file and an assembler instruction set, principles of the software development process and software vulnerabilities. The unit also develops skills in writing and reading scripts, utilising software troubleshooting techniques and finally, examining the principles of writing secure code.

  • VU22244 Implement best practices for identity management
    40.0 hours

    This unit provides the knowledge and skills to apply strategies to deal with issues associated with fraudulent identity and to deploy best practices for identity and access management for an organisation.

  • VU22245 Plan and implement a cyber security project
    80.0 hours

    This unit provides the knowledge and skills to plan and implement a cyber security project that either simulates a real cyber security environment or is an actual workplace project. Learners are required to actively participate and contribute to the project team. They are required to receive tasks, communicate outcomes, design solutions, solve project problems and meet required deadlines to ensure effective and timely delivery of the project. The project may include using a Cyber Security Operations Centre (CSOC) sandbox or equivalent laboratory environment. This environment allows the learner to demonstrate configuring and testing of firewalls, implementing Intrusion Detection System (IDS) and evaluating and identifying any traffic anomalies. The use of Red and Blue teaming exercises to identify security breaches and apply mitigation strategies to minimise further risk should be included as part of the project
    Prerequisites: Prerequisite VU22240 - Communicate cyber security incidents within the organisation VU22243 - Develop software skills for the cyber security practitioner VU22244 - Implement best practice for identity management

  • VU22246 Evaluate an organisation's compliance with relevant cyber security standards and law
    40.0 hours

    This unit provides the knowledge and skills to enable a cyber security paraprofessional as part of a team, to identify relevant cyber standards and laws pertaining to the organisation, evaluate current working practices in light of these standards and laws and to plan and implement any required work practice changes.

  • Electives

  • VU22250 Respond to cyber security incidents
    40.0 hours

    This unit provides the knowledge and skills for a paraprofessional working as a team member to prepare for and respond to a cyber security incident within an organisation. The unit includes identifying when the incident occurred, developing and implementing an appropriate response’ strategy, evaluate the success of the response and any long term effects of the incident.

    The unit also includes the knowledge and skills required to accurately document the incident and update the organisation’s incident response plan to reduce the risk of further incidents.

  • VU22251 Gather, analyse and interpret threat data
    40.0 hours

    This unit provides the knowledge and skills to demonstrate the function and operation of hardware and software tools used to detect cyber incidents. The unit includes the selection and use of tools to analyse logged data, detection of malicious data streams as well as analysis of the results and evaluation of the selected tools in their effectiveness in detecting data patterns.

  • VU22252 Implement cyber security operations
    60.0 hours

    The unit provides the knowledge and skills to implement and monitor a cyber security operation for an organisation. The unit addresses the key elements of implementation which include preparing the organisation for an incident, knowing how it could occur, and the processes and procedures to respond. The unit also includes the use of tools and processes to analyse data and detect intrusions.
    The unit applies procedures and processes developed by the National Institute of Standards and Technology (NIST) and it aligns with the Cisco Cyber Operations course.

  • VU22253 Undertake penetration testing of the security infrastructure for an organisation
    80.0 hours

    This unit provides the knowledge and skills required to use a series of tools to test the vulnerabilities of the security infrastructure for an organisation. The unit includes the compiling of information on the existing security infrastructure design, evaluating and selecting testing tools and preforming vulnerability scanning and penetration testing. It also includes developing a report which assesses the weaknesses and includes mitigation strategies that can be implemented to ‘harden’ the organisation’s cyber security infrastructure.

  • VU22254 Undertake advanced penetration testing for web site vulnerabilities
    80.0 hours

    This unit provides the knowledge and skills to expand the testing capability for web vulnerabilities. The unit includes skills in using advance features of current toolsets in order identify weaknesses in the security of an organisation’s website. It also includes the development of a penetration (PEN) test report which will identify the root cause of the issues and includes mitigation strategies for the identified web site weaknesses. This unit utilises the current security framework Open Web Application Security Project (OWASP) security methodology and open source tools provide a sound foundation to develop these skills.

  • VU22255 Evaluate threats and vulnerabilities of internet of things (iot) devices
    40.0 hours

    This unit provides the knowledge and skills to examine the function and operation of IoT devices and to identify what threats and vulnerabilities exit when using them. The unit also includes strategies to minimise the threats.

  • VU22256 Protect critical infrastructure for an organisation
    40.0 hours

    This unit provides the knowledge and skills to examine the key standard bodies and frameworks that offer constructive support for addressing threats and vulnerabilities of critical infrastructure.
    The units also covers the development of mitigation strategies to protect an organisation’s infrastructure as well as the implementation and monitoring of its’ effectiveness.

  • VU22257 Configure security devices for an organisation
    80.0 hours

    This unit seeks to build on previous skills in configuring security devices by providing knowledge and skills to configure and modify where required an organisation’s existing security devices. After implementation the devices will be monitored and assessed for their effectiveness. New security devices and technologies will be researched, evaluated and implemented in order to improve the security performance of the organisation.

  • VU22258 Design and implement a virtualised cyber security infrastructure for an organisation
    80.0 hours

    This unit provides the knowledge and skills required to design, implement and monitor a fundamental virtualised cyber security infrastructure for an organisation. The unit includes designing an infrastructure to suit key specifications, the utilisation of testing procedures in the development stage, implementation process, monitoring functionality following implementation and continuous improvement processes.

  • VU22249 Perform a security risk assessment for an organisation
    40.0 hours

    This unit provides skills and knowledge required to perform a risk assessment for the organisation; this assessment is most likely performed as part of a team. The unit covers; assessing current assets, identify current threats and vulnerabilities, identify a risk process and performing the assessment.

  • ICTNWK607 Design and implement wireless network security
    60.0 hours

    This unit describes the skills and knowledge required to mitigate security threats to a wireless local area network (WLAN) by implementing security standards and policies.

    It applies to individuals with advanced information and communications technology (ICT) skills who are working as wireless help desk support technicians, wireless network support specialists and wireless network engineers.

people at desk icon
No question is too big or small.
Give us a call on 1300 269 445

Is this the course for you? 
Enrol now or enquire about this course.


Interested in IT & Cyber Security?
Discover more

Discover IT & Cyber Security