About the course

About the course

This on campus cyber security course will provide you with the knowledge and skills needed to work in the field of cyber security. 

The course covers a range of topics including

  • network security
  • ethical hacking
  • penetration testing
  • programming
  • incident management
  • risk management
  • website security
  • cloud services
  • security monitoring

Throughout the course, you'll learn about different types of cyber threats and how to identify and protect against them. You'll also learn about the legal and ethical issues surrounding cyber security and how to respond to security incidents. Additionally, the course covers the principles of risk management and how to implement security controls to mitigate risks.

In addition to the theoretical aspects of the course, you will also have the opportunity to gain practical experience through hands-on exercises and projects. This will provide you with the chance to apply your knowledge and skills in a real-world setting, which will help you better understand the challenges and complexities of working in the cyber security industry.

We developed our cyber security course in conjunction with a significant industry advisory panel comprised of cyber security specialists in the security, banking, information technology and telecommunications industries.

Course Details


Intake Dates & Course Length

Full time: 1 year

Part time: 2 years (the time taken to complete this course will vary depending on your input)

LocationStudy ModeStudy LoadStart DateDaysAdditional Info
15 Jul 2024Tu |  Th
Start Date : 15 Jul 2024
Days : Tu |  Th
Additional Info :
15 Jul 2024Tu |  W |  Th
Start Date : 15 Jul 2024
Days : Tu |  W |  Th
Additional Info :

Icon Key

Box hill icon

Box Hill Campus

Classroom icon


Part time icon

Part Time

Full time icon

Full Time

Career Outcomes

  • Cyber Security Professional
  • Helpdesk Technician
  • Support Officer
  • Security Penetration Tester
  • Information Systems Security Support Officer 
Skills and Jobs Centres
Skills and Job Centres logo
Speak to a Career Advisor

Visit our Skills and Jobs Centres at each campus.

Find out More

Entry Requirements

Entry requirements

You must have:

  • completed Year 11

Equipment Requirements

You will be required to have the following equipment at home:

  • an internet connection (preferably high-speed)
  • a capable PC with minimum spec of Intel Core® i5 or equivalent (at least Quad core), 8GB or more of RAM and capable of virtualisation (Apple Mac devices with ARM based processors such as M1/M2 are not suitable for most units in the course)
  • compatible headset with microphone and webcam to collaborate with other students and communicate effectively in online classes  
  • students may find it advantageous to have a dual-screen setup for your workspace at home

Inherent Requirements for the Certificate IV in Cyber Security:

You need to have a keen interest in the security of information and emerging technologies that are used to communicate data across networks.

Existing Knowledge:

Students entering this course will have:

  • PC knowledge
  • knowledge of IT systems and operating systems
  • knowledge of internet connected technologies
  • Basic work habits of day-to-day operations
  • Fundamental knowledge of the importance of information security
  • Knowledge of devices that are used to transfer information

Exisiting Skills:

Students entering this course will have existing digital literacy skills and be confident with technology and basic system software.

You need to have been using technology and be familiar with the day-to-day operations of digital tasks such as:

  • Productivity software: create information in various formats, such as documents (MS Word), graphs & worksheets (MS Excel) and presentations (MS PowerPoint).Operating systems: general knowledge of a variety of operating systems, such as Windows, Mac, or Linux
  • Presentation software: used to create slideshows made up of audio, text, photos, and videos
  • Networking: Awareness of connecting devices to networks (Wi-Fi, Ethernet)
  • Computer programming: creation, design and building of computer software and applications to perform a wide variety of tasks
  • Communication tools: knowledge of a variety of computer communication tools, Instant messaging (MS Teams) and emails (Outlook)
  • Database management: storing a variety of information, (OneDrive, Dropbox Google Drive etc.)
  • Basic mathamatical skills

Study scholarships are available to applicants who already hold higher qualifications.

PRE-TRAINING REVIEW - to assist prospective students to determine whether a course is suitable and appropriate for the individual needs, Box Hill Institute will assess all students’ language, literacy and numeracy and digital literacy by asking you to undertake a self-assessment review prior to the enrolment. A course advisor will discuss the outcomes of the review and make recommendations about whether the course is suitable for you, and identify additional support where required.

Pathways & Accreditation

Successful completion of our cyber security course enables you to continue your studies in the Advanced Diploma of Cyber Security or in a diploma, advanced diploma or degree in information technology or cyber security.

This course is government accredited and has national recognition

The qualification is aligned with the Australian Qualification Framework (AQF) level 4

Fees & Finance Options

Government Subsidised Place

This training is provided with funds made available by the Commonwealth and Victorian Governments.

Free TAFEGovernment Subsidised ConcessionGovernment Subsidised StandardFull Fee
Tuition Fee$0$809$4,046$10,353
Service & Amenity Fee$268$268$268$268
Material Fee$250$250$250$250
Retain Course Items$0$0$0$0
Total Course Estimate$518$1,327$4,564$10,871
Payable Estimate (at commencement)$518$1,327$4,564$10,871

Service & Amenity Fee may vary depending on course commencement and enrolment duration. Retain Course Items are purchased once by the student prior to commencing. Those items then become the property of the student. Fees listed are at 2024 rates and may increase annually over the duration of delivery. The student tuition fees listed are subject to change given individual circumstances at enrolment. For more information please contact our Course Advisors on 1300 BOX HILL.

Student support
piggy bank with coin icon
Financial Support

Learn more about our financial support options

Learn about your options

Course Structure

You will study a total of 16 units (8 core & 8 elective).

    Semester 1

  • ICTICT443Work Collaboratively In The Ict Industry
    30.0 hours

    This unit builds the students ability to work collaboratively in virtual Information and Communications (ICT) team environments to achieve organisational objectives. It includes contributing to performance and capability within teams, participating in team activities, exchanging knowledge and skills and providing support to team members.

    Throughout the unit students will:

    • Identify team protocols requirements for working collaboratively in a virtual environment
    • Develop protocols to work collaboratively in a virtual environment
    • Review compliance with protocols to work collaboratively in a virtual environment

    The relevance to industry is that it demonstrates that IT projects are often complex and require collaboration among team members to achieve success. By completing this unit, students will be able to work effectively as part of a team in the IT industry. They will be able to communicate effectively, solve problems collaboratively, and resolve conflicts constructively. These skills are highly valued in the IT industry, where successful project delivery requires a collaborative effort. This unit can help students to advance their careers and improve their employability in the IT and cyber security industry, particularly in roles that require effective teamwork, such as project managers, team leaders, and security analysts.

  • VU23214Configure And Secure Networked End Points
    60.0 hours

    This unit introduces how to configure an operating system on a personal computer, adding security, setting user level passwords and privileges to limit and identify user access. These key security principles are all required to increase protection of the end point from cyber security attacks.

    The unit also provides an overview of internet of things (IoT) devices, an introduction to computer networking virtualisation and base level Linux commands.

    Throughout this unit students will

    • Identify the role of personal computers and other computing devices in cyber security.
    • Undertake preventative maintenance and base level troubleshooting procedures .
    • Configure and use a computer operating system and relevant applications.
    • Define principles of safe software upgrade security practises
    • Configure and use virtualised images.
    • Identify key concepts in networking personal computers.
    • Connect devices to networks.
    • Demonstrate base level Linux commands.

    The relevance to industry is highlighted in as endpoints of a network are the entry and exit points where data and devices connect to the network. Securing these endpoints is important because they can be vulnerable to security threats such as malware, viruses, and unauthorised access.

  • BSBWHS309Contribute Effectively To Whs Communication And Consultation Processes
    30.0 hours

    This unit supports students contribute to work health and safety (WHS) communication and consultation in the workplace. It involves communicating WHS information to required personnel, and taking appropriate follow-up action to assist in ensuring that communication and consultation processes are effective and conducive to others in the workplace who raise WHS issues.

    Throughout this unit students will:

    • Participate in establishing consultation processes
    • Contribute to WHS consultation
    • Consult and communicate effectively with required personnel
    • Raise WHS issues with required personnel

    The relevance to industry is highlighted by how it provides learners with the knowledge and skills necessary to identify hazards and assess risks in a variety of work environments. By completing this unit, learners will be able to contribute to a safer workplace and demonstrate their commitment to workplace health and safety. This can help individuals to advance their careers and improve their employability, as employers are increasingly looking for workers with strong health and safety knowledge and skills.

  • ICTPRG435Write Scripts For Software Applications
    40.0 hours

    This unit develops students’ skills to plan, design and build scripts, using a scripting language to construct highly interactive and automated software products to solves business needs. This unit is taught in the python scripting language.

    Throughout this unit students will:

    • Specify software application requirements.
    • Determine script requirements.
    • Design and build scripts.
    • Finalise scripts.

    This unit is highly relevant to IT industry skills as python is one of the most popular cyber security scripting languages in the world, with widespread use in the IT industry. By completing this unit, students will be able to develop software scripts using Python, which is highly valued in the IT industry. Python is used extensively in a wide range of industries, and Python developers are in high demand. Python programming skills can be applied to a wide range of applications, making them highly transferable across different technology industries and job roles.

  • VU23213Utilise Basic Network Concepts And Protocols Required In Cyber Security
    80.0 hours

    This unit covers how data travels around networks and the internet, it includes the function and operation of protocols and protocol models such as Open System Interconnection (OSI) and Transmission Control Protocol/Internet Protocol (TCP/IP) suite and devices that facilitate data transfer. The exposure to these protocols is at an introductory level in this unit.

    Throughout this unit students will

    • Outline key network security concepts.
    • Define key features of the TCP/IP suite of protocols.
    • Define services, standards and protocols that facilitate security and the functional operation of a network.
    • Implement and demonstrate the function and operation of key networking devices.
    • Implement the components of a network security laboratory and testing environment.
    • Present current examples of cyber network attacks and resources.

    In the IT and cyber security industry, networks are essential for the communication and transfer of data between devices and systems. However, networks are vulnerable to cyber-attacks, and cybercriminals can exploit vulnerabilities in networks to steal data, disrupt operations, and cause damage to businesses and organizations.

    By completing this unit, students will be able to utilise basic network concepts and protocols required in cybersecurity, which is highly valued in the IT and cyber security industry. This unit can help individuals to advance their careers and improve their employability in the IT industry, particularly in roles that require expertise in cyber security, such as cyber security analysts, network security engineers, and security operations centre (SOC) analysts. With the growing importance of cyber security in the IT industry, completing this unit can be an excellent way for students to enhance their IT industry skills and increase their employability in the job market.

  • ICTCLD401Configure Cloud Services
    60.0 hours

    This unit develops students skills to configure core cloud services including compute, storage, databases and autoscaling according to business needs and workload.

    Throughout this unit will:

    • Select and secure access to cloud environment
    • Deploy virtual network
    • Set up automatic scaling
    • Finalise virtual network infrastructure

    This unit is highly relevant to IT industry skills as cloud computing has become an essential part of modern technology, and businesses are increasingly relying on cloud computing solutions to streamline their operations. By completing this unit, students will be able to design cloud computing solutions that meet industry standards and business requirements. They will be able to apply their skills to design cloud computing solutions for a wide range of settings and purposes, including business, education, and government. These skills are highly valued in the IT industry, where cloud computing has become a standard practice. This unit can help students to advance their careers and improve their employability in the IT and cyber security industry, particularly in roles that require expertise in cloud computing, such as cloud architects, cloud engineers, and cloud consultants.

  • VU23217Recognise The Need For Cyber Security In An Organisation
    60.0 hours

    This unit introduces common security frameworks and the importance of recognising the threats, risks and vulnerabilities to cyber security in an organisation. Some threats to an organisation include networks, machines, applications, data, users and infrastructure.

    The unit addresses common cyber security attack mechanisms and an introduction to threat management as well as security issues surrounding Internet of Things (IoT) devices.

    The unit also includes the implementation of tools and systems an organisation can use for protection against cyber-attacks.

    Throughout this unit student will:

    • Identify the need for cyber security for an organisation.
    • Investigate common and emerging cyber security attacks, and techniques.
    • Investigate methods to protect personal data and privacy.
    • Examine methods used to protect an organisation’s data.
    • Investigate current Cyber Security Frameworks (CSF).

    The relevance to industry is highlighted as the sophistication of cyber security attacks increase so does the knowledge and mitigation strategies required for an organisation. This unit helps student get a baseline understanding of the key frameworks adopted by organisations to keep secure and in an ever change technology landscape.

  • VU23223Apply Cyber Security Legislation, Privacy And Ethical Practices
    30.0 hours

    This unit introduces knowledge required to identify the current Australian cyber security legislation and to be cognisance of the interdependence between the key regulators.

    It requires the ability to apply the current cyber security privacy policies and procedures for an organisation. The unit also includes the ethical practices required for students to conduct themselves professionally both privately and when working for an organisation.

    Throughout the unit students will:

    • Review the cyber security legislative and regulatory landscape for Australian organisations
    • Examine an organisations policies and procedures for compliance with relevant standards
    • Review the ethical practises and procedures for an organisation

    The relevance to industry is highlighted by students gaining an understanding of the audit process by assessing and preparing a written report on the level of compliance or non-compliance which is important to an organisation in its requirements to be in adhering to current legislative instruments and reporting duties. Students will also be able to identify unethical behaviour by ICT/cyber security technicians within an organisation or privately and explain the potential impact of the behaviour.

  • VU23221Evaluate And Test An Incident Response Plan For An Enterprise
    40.0 hours

    This unit requires students to examine an organisation’s existing incident response plan (IRP) and expand it as necessary to deal with incidents new and emerging threats.

    The unit requires the ability to form a team, clarify roles, interpret an incident response plan (IRP), use red, blue and purple teams to test the IRP, implement an incident, evaluate the IRP for its effectiveness and if required make improvements.

    Throughout this unit students will:

    • Form an incident response team
    • Define red, blue and purple team tasks
    • Plan the implementation of the organisation’s incident response plan (IRP)
    • Implement the IRP for prescribed incidents
    • Evaluate the IRP

    The relevance to industry is highlighted by student gaining an understanding that no organisation, either a start-up or a medium scale organisation has the privilege to assume that the adversaries would not be interested in them. Even if they are not the targets, they can be victims if they have not taken appropriate steps to be prepared in case of an Incident. This unit will advance your knowledge in the following.

    Students gain an understanding of the roles associated with an Incident Response Team

    to create an Incident Response Plan documentation for an organisation in accordance with the Incident Response Plan template as devised by the ACSC (Australian Cyber Security Centre). Student gain practical awareness in relation to the training strategy associated with Incident Response Teams: Role of Red Teams, Blue Teams and Purple teams.

  • VU23215Test Concepts And Procedures For Cyber Security
    60.0 hours

    This unit introduces the use of testing procedures for computer systems in an organisation. The unit examines common threats, ethical hacking principles, and an introduction to penetration testing, social engineering security issues, enumeration, port scanning, foot printing, traffic sniffers and wireless local area network (WLAN) vulnerabilities and also includes treatment of intrusions.

    This unit also discusses the ability to apply layer testing frameworks and tools as well as network testing and monitoring tools.

    Throughout this unit students will:

    • Identify typical cyber security application layer testing methodologies and tools.
    • Use networking security testing methodologies, tools and commands.
    • Implement the laboratory testing environment.
    • Identify common threats and mitigation strategies.
    • Demonstrate ethical hacking principles and procedures.
    • Identify security vulnerabilities of WLANs.
    • Demonstrate basic scripting for a cyber security environment.

    The relevance to industry is highlighted by proving an introduction to penetration testing methodologies and activities, with a focus on current tools and local network based attacks.

    This provides opportunities to build solid foundations for Penetration Tester career pathways. The technical based skills development in this unit with focuses on Linux usage, command line interfaces and scripting languages will prepare students for further penetration testing subjects. The practical usage of virtualised testing environments using industry standard software gives student the opportunities to work through complex scenarios and ideas around migration of common threats.

  • BSBINS401Analyse And Present Research Information
    40.0 hours

    This unit supports students collect, organise, analyse and present information using available systems and sources. This includes identifying research requirements and sources of information, evaluating the quality and reliability of the information, and preparing and producing reports.

    Throughout the unit students will:

    • Identify and confirm research strategy
    • Collect and store research information
    • Analyse and synthesise research information
    • Present research information

    The relevance to industry is that it provides learners with the skills and knowledge necessary to collect, analyse, and present data and information effectively, which is a critical part of many IT roles. By completing this unit, learners will be able to improve their analytical and research skills, and develop their ability to present information in a clear and concise manner. These skills are highly valued in the IT and cyber security industry, where data analysis and effective communication are essential for success. This unit can help students to advance their careers and improve their employability in the IT and cyber Security industry.

  • Semester 2

  • VU23219Manage The Security Infrastructure For An Organisation
    80.0 hours

    This unit discusses how to manage the security infrastructure for an organisation. It includes assessing risk, implementing appropriate controls, monitoring their effectiveness and compiling reports for future audit purposes.

    This unit requires students to monitor and evaluate the physical security infrastructure of the organisation, and implement a security infrastructure maintenance program.

    Throughout the unit students will:

    • Identify the key features from information and security policies for an organisation.
    • Determine risk category for the security infrastructure.
    • Identify the physical security vulnerabilities of the organisation’s security infrastructure.
    • Implement appropriate security system controls for managing the risk.
    • Monitor security infrastructure tools and procedures.
    • Promote cyber security awareness in the organisation.
    • Implement cyber hygiene principles.

    The relevance to industry is highlighted by students having an understanding and contributing to GRC initiatives (Governance, Risk and Compliance) that will lead to the following industry alignment and pathways:

    • Effective implementation of security policies helps organisations to reduce risk. Every organisation that collects data has a role to play in secures infrastructure and data management.
    • Enhance and improve an organisation’s compliance with government standards, legislation, and laws.
    • Implement and manage Change Management process in organisations to secure infrastructure, access management and reduce redundancies.
    • Increase security awareness of businesses, employees, and their clients.

  • VU23218Implement Network Security Infrastructure For An Organisation
    80.0 hours

    This unit explains the key features that make up the network security for an organisation. Students will investigate threats and mitigation techniques, network security models, administration protection and user access methods, introduction to firewall setup and configuration, intrusion prevention, intrusion detection systems (IPS/IDS) and software used to protect an organisation, examine proxy server vulnerabilities, Wireless Local Area Network (WLAN), security vulnerabilities and the application of Virtual Private Networks (VPN’s) and cryptography fundamentals.

    Throughout the unit student will:

    • Examine the different models of security solutions for an organisation.
    • Investigate methods used to authenticate users to a network.
    • Investigate the operation and role of software tools to monitor traffic and security in an organisation.
    • Prepare and implement a firewall.
    • Investigate intrusion prevention and intrusion detection systems (IPS/IDS).
    • Examine proxy server vulnerability issues.
    • Investigate wireless security access and common vulnerabilities.
    • Demonstrate the fundamental operation of cryptographic systems.
    • Demonstrate the fundamentals of Virtual Private Networks (VPN’s).

    The relevance to industry is highlighted by the training involved within this unit exposed the student to the security challenges that are faced within enterprise networking environment. Understanding how these security implementations and solutions operate, allow for a greater understanding of the troubleshooting process, designing secure and resilient infrastructure.

    Prerequisites: VU23213 - Utilise basic network concepts and protocols required in cyber security

  • VU23220Develop And Carry Out A Cyber Security Industry Project
    100.0 hours

    This unit supports students to develop and undertake a project that simulates a real cyber security industry environment. The project may include using a Cyber Security Operations Centre (CSOC) sandbox or equivalent laboratory environment. This environment allows the participant to demonstrate configuring and testing of firewalls, implementing Intrusion Detection/Prevention Systems (IDS/IPS) and evaluating and identifying any traffic anomalies. The use of Red & Blue teaming exercises to identify security breaches and apply mitigation strategies to minimise further risk are included as part of the project.

    Throughout the unit students will:

    • Establish a project team.
    • Determine context of business need or problem (project).
    • Support the project plan development.
    • Evaluate the suitability of the gathered resources.
    • Implement the project design.
    • Support project completion and handover.

    The relevance to industry is highlighted by having students working as part of a team of solution consultants to identify threats and suggest remedies to support holistic security enhancements. Students gain exposure to business processes and professional practices. Students also gain an understanding of the Cyber Security Analyst roles including activities and CSOC working environments. This unit uses practical application risk assessments for realistic client facing roles and provides students essential communication skills both in written and verbal presentation formats.

    Prerequisites: VU23213 - Utilise basic network concepts and protocols required in cyber security. VU23215 - Test concepts and procedures for cyber security

  • VU23225Investigate Windows Security Features
    40.0 hours

    This unit investigates the fundamentals of Windows security features. It requires the ability to comprehend the basic architecture of Windows, identify security features such as log files, instrumentation and how a basic attack might occur. The unit investigates tools to collect security data centrally and query it to identify potential threats.

    In this unit students will:

    • Examine the structure of the Windows Operating System
    • Examine System Administration tools
    • Investigate tools used to examine basic Windows attacks
    • Investigate the function and role of a Security Operation Centre (SOC) and Security Information Event Management (SIEM) tool
    • Examine methods to collect data from multiple end points into a SIEM tool
    • Implement mitigation strategies for threats

    The relevance to industry is highlighted by the need for cyber security analysis to investigate basic attacks within an organisation. This analysis of data can be used to develop organisation wide security awareness decisions and mitigations strategies for whole of business defences. Students will discover different types of security monitoring tools and develop the right approach for an organisation based on its needs.

  • VU23222Expose Website Security Vulnerabilties
    40.0 hours

    This unit develops the skills required to maintain the security of an organisation’s web infrastructure by utilising the outcomes of the Open Web Application Security Project (OWASP). In this unit students apply penetration testing tools to determine the vulnerabilities of a web site, assess the vulnerabilities and report to appropriate personnel.

    Throughout this unit students will:

    • Explain the Hypertext Transfer Protocol (HTTP) and web server architectures.
    • Identify web site content.
    • Install web application proxy testing tools.
    • Use current frameworks that identify common software vulnerabilities.
    • Report web application vulnerabilities.

    The relevance to industry is highlighted by enabling student to develop their skills in web penetration testing concepts. Students use common frameworks like OWASP to establishes understanding of security in the web stack which lays the groundwork for a career in Application or Website Security.

people at desk icon
No question is too big or small.
Give us a call on 1300 269 445

Is this the course for you? 
Enrol now or enquire about this course.


Interested in Cyber Security & ICT?
Discover more

Discover Cyber Security & ICT
Discover Cyber Security & ICT