About the course

About the course

If you have an interest in working in the information technology industry, our cyber security course will help you develop the skills and knowledge for a successful career as a cyber security paraprofessional.

As a cyber security paraprofessional you'll:

  • detect or determine breaches in network and system security
  • know how to escalate an incident to the security response team
  • work confidently with a range of stakeholders (internal or external) who need to be aware of a threat or vulnerability

In our cyber security course, you'll gain practical skills in:

  • PEN testing
  • identifying and reporting website and system vulnerabilities
  • system testing
  • securing PCs in a workplace environment
  • evaluating and reporting cyber security incidents  
  • networking concepts and protocols
  • setting up and managing network security
  • security script programming
  • website security
  • problem researching
  • working with a team to develop cyber policies and procedures to meet workplace and legislative requirements

We developed our cyber security course in conjunction with a significant industry advisory panel comprised of cyber security specialists in the security, banking, information technology and telecommunications industries.


Like Box Hill Institute - IT & Cyber Security on FacebookFacebook

Course will be replaced

Please note: This course will change in the near future and alterations to the structure will occur. All new students will be enrolled into the new course.

Course Details


Intake Dates & Course Length

February and July 

Full time: 1 year

For information regarding dates such as enrolment, orientation and study breaks please visit the Academic Calendars page

Career Outcomes

After successful completion of our our cyber security course, you can apply for a range of employment opportunities such as being a:

  • cyber security paraprofessional supporting the operation of large, small and medium enterprise computing environments
  • computer helpdesk technician
  • cyber security intrusion tester
  • cyber security support officer
  • security penetration tester
  • information systems security support officer
  • systems tester
  • PC support
  • network security support officer
  • network security trainee
  • website security support officer
Skills and Jobs Centres
Skills and Job Centres logo
Speak to a Career Advisor

Visit our Skills and Jobs Centres at each campus.

Find out More

Entry Requirements

Study scholarships are available to applicants who already hold higher qualifications.

You must have:

  • successfully completed Australian Year 11 or international equivalent or be a mature-age applicant
  • current Working with Children and Police Checks if you undertake a work placement or employment in this field

Prior IT and or networking experience or knowledge is not required but is an advantage.


To assist prospective students to determine whether a course is suitable and appropriate for the individual needs, Box Hill Institute will assess all students’ language, literacy and numeracy and digital literacy by asking you to undertake a self-assessment review prior to the enrolment.

A course advisor will discuss the outcomes of the review and make recommendations about whether the course is suitable for you, and identify additional support where required.


VTAC and direct entry

Recognition of Prior Learning is available.

Pathways & Accreditation

Successful completion of our cyber security course enables you to continue your studies in the Advanced Diploma of Cyber Security or in a diploma, advanced diploma or degree in information technology or security.

International students: You may wish to apply or package this course with the Advanced Diploma of Cyber Security at Box Hill Institute. Available for January intake.

This course is government accredited and has national recognition

The qualification is aligned with the Australian Qualification Framework (AQF) level 4

Fees & Finance Options

This training is provided with funds made available by the Commonwealth and Victorian Governments.

Free-TAFE or Job TrainerGovernment Subsidised ConcessionGovernment Subsidised StandardFull Fee
Tuition Fee$0$766$3,828$9,768
Service Fee$260$260$260$260
Core Skills Support Fee$0$0$0$0
Material Fee$264$264$264$264
Retain Course Items$0$0$0$0
Total Course Estimate$524$1,290$4,352$10,292
Payable Estimate (at commencement)$524$1,290$4,352$10,292

Retain Course Items are purchased once by the student prior to commencing. Those items then become the property of the student. Fees listed are at 2023 rates and may increase annually over the duration of delivery. The student tuition fees listed are subject to change given individual circumstances at enrolment. For more information please contact our Course Advisors on 1300 BOX HILL.

Student support
piggy bank with coin icon
Financial Support

Learn more about our financial support options

Learn about your options

Course Structure

You need to complete 10 core units and 6 elective units to gain this qualification


  • VU21990Recognise The Need For Cyber Security In An Organisation
    60.0 hours

    This unit provides introductory knowledge and skills to recognize threats, risks and vulnerabilities to cyber security in an organisation. It includes the threats an organisation encompasses such as networks, machines, applications, data, users and infrastructure. The unit also covers an introduction to common cyber security attack mechanisms and an introduction to identity and threat management as well as security issues surrounding Internet of Things (IOT) devices. Finally, the unit introduces the implementation of tools and systems an organisation can use to protect from cyber-attacks.

  • BSBWHS401Implement And Monitor Whs Policies, Procedures And Programs To Meet Legislative Requirements
    50.0 hours

    This unit describes the skills and knowledge required to implement and monitor an organisations work health and safety (WHS) policies, procedures and programs in the relevant work area in order to meet legislative requirements.
    It applies to individuals with supervisory responsibilities for implementing and monitoring the organisations WHS policies, procedures and programs in a work area. These individuals have a broad knowledge of WHS policies and contribute well developed skills in creating solutions to unpredictable problems through analysis and evaluation of information from a variety of sources. They provide supervision and guidance to others and have limited responsibility for the output of others.

  • ICTPRG407Write Script For Software Applications
    40.0 hours

    This unit describes the skills and knowledge required to plan, design and build scripts, using a scripting language to construct a highly interactive and automated software application.
    It applies to individuals who build and integrate interactive applications, or websites for internal, and public, sites.  They may work as application developers, application-support personnel, programmers specialising in a scripting language, web application programmers, or web developers.

  • VU21988Utilise Basic Network Concepts And Protocols Required In Cyber Security
    80.0 hours

    This unit provides a cyber security practitioner with an introduction to the skills and knowledge required to comprehend how data travels around the internet and the function and operation of protocols such as the Transmission Control Protocol/Internet Protocol (TCP/IP) suite and devices that facilitate this data transfer. 

  • BSBRES401Analyse And Present Research Information
    40.0 hours

    Analyse and present research information contains the skills and knowledge required to gather, organise, analyse and present workplace information using available systems. This includes identifying research requirements and sources of information, applying information to a set of facts, evaluating the quality of the information, and preparing and producing reports.
    It applies to individuals who are required to apply their broad knowledge of the work environment to analysis and research tasks, evaluate information from a variety of sources and apply solutions to a range of unpredictable problems.

    Prerequisites: Nil

  • RIICOM301DCommunicate Information
    30.0 hours

    Prerequisites: Nil

  • ICTICT418Contribute To Copyright, Ethics And Privacy In An Ict Environment
    40.0 hours

    This unit describes the skills and knowledge required to maintain professional and ethical conduct, as well as to ensure that personal information of stakeholders is handled in a confidential and professional manner when dealing with stakeholders in an information and communications technology (ICT) environment.
    It applies to ICT personnel who are required to gather information to determine the organisation s code of ethics, and protect and maintain privacy policies and system security.

    Prerequisites: Nil

  • VU21989Test Concepts And Procedures For Cyber Security
    60.0 hours

    This unit provides introductory skills and knowledge required to implement testing procedures for systems in an organisation. These involve application layer testing tools as defined by the Open Web Application Security Project (OWASP), network testing and monitoring tools. The unit examines common threats, ethical hacking principles and introduction to penetration testing, social engineering security issues, enumeration, port scanning, sniffers, footprinting, traffic sniffers and wireless LAN vulnerabilities and contains a solid treatment of intrusions.

  • VU21991Implement Network Security Infrastructure For An Organisation
    80.0 hours

    This unit provides a sound working knowledge of the key features which make up the network security for an organisation. The unit includes a detailed investigation of threats and mitigation techniques, network security architectures, introduction to firewall setup and configuration, intrusion prevention system (IPS) setup and operation as well as internetworking operating system (IOS) software features to harden routers and switches. The unit also investigates proxy server vulnerabilities, Wireless Lan (WLAN) security vulnerabilities and the application of Virtual Private Networks (VPN’s) and cryptography fundamentals.
    Prerequisites: VU21988 - Utilise basic network concepts and protocols required in cyber security VU21990 – Recognise the need for cyber security in an organisation

  • VU21992Develop A Cyber Security Industry Project
    120.0 hours

    The purpose of this unit is to undertake a project that simulates a real cyber security environment. The project may include using a Cyber Security Operations Centre (CSOC) sandbox or equivalent laboratory environment. This environment allows the participant to demonstrate configuring and testing of firewalls, implementing Intrusion Detection System (IDS) and evaluating and identifying any traffic anomalies. The use of Red & Blue teaming exercises to identify security breaches and apply mitigation strategies to minimise further risk should be included as part of the exercise
    Prerequisites: ICTPRG407 - Write scripts for software applications VU21988 - Utilise basic network concepts and protocols required in cyber security VU21989 – Test concepts and procedures for cyber security VU21990 – Recognise the need for cyber security in an organisation

  • Electives

  • VU21993Secure A Networked Personal Computer
    60.0 hours

    This unit provides base level skills and knowledge to configure an operating system on a personal computer, adding security, setting user level passwords and privileges to limit and identify user access – all required to increase protection of the end point from cyber security attacks. The unit also provides an overview of internet of things (IOT) devices, an introduction to computer networking virtualisation and base level Linux commands – deemed to be invaluable in using cyber security tools.

  • ICTPRG405Automate Processes
    40.0 hours

    This unit describes the skills and knowledge required to write scripts to automate solutions, by using basic scripting processes, and application-specific scripting options.

    It applies to individuals who may work in information and communications technology (ICT) support roles and who are required to automate tasks.

  • VU21994Perform Basic Cyber Security Data Analysis
    20.0 hours

    This unit provides the knowledge and skills necessary for a cyber security practitioner to detect and recognize discrepancies in data by performing analysis. The unit covers the collection of data on a scenario and performing basic analysis and includes the process of breaking down the scenario to a set of subtasks which are examined for their effectiveness. The unit includes an introduction of databases as a repository for data and the vulnerabilities that exist and an introduction to software tools to supporting pattern recognition.

  • VU21995Manage The Security Infrastructure For The Organisation
    80.0 hours

    The unit provides the basic knowledge and skills required to manage the implementation of the security infrastructure for an organisation. It includes assessing risk, implementing appropriate controls, monitoring their effectiveness, following organisation policy to store relevant data and compiled reports for future audit purposes. The practitioner will monitor and evaluate the physical security infrastructure of the organisation, and implement a regular security infrastructure maintenance program.

  • VU21996Evaluate And Test An Incident Response Plan For An Enterprise
    40.0 hours

    This unit provides the basic knowledge and skills for a cyber security practitioner to examine, as part of a team, an organisation’s existing incident response plan (IRP) and expand it as necessary to more thoroughly deal with incidents. The unit includes forming the team, clarifying roles, interpreting an incident response plan (IRP), using red and blue teams to test the IRP, implementing an incident, evaluating the IRP for its effectiveness and developing improvement.

  • VU21997Expose Website Security Vulnerabilities
    40.0 hours

    This unit provides the knowledge and skills required to ensure and maintain the security of an organisation’s website by utilizing the outcomes of the Open Web Application Security Project (OWASP). Current penetration testing tools are also utilised to determine the vulnerabilities of a web site. Vulnerabilities are assessed and reported to appropriate personnel to minimize risk.

people at desk icon
No question is too big or small.
Give us a call on 1300 269 445

Is this the course for you? 
Enrol now or enquire about this course.


Interested in Cyber Security & ICT?
Discover more

Discover Cyber Security & ICT
Discover Cyber Security & ICT