It is inevitable that a network will fall to intrusion or malicious use of network resources. This part discusses some proactive measures an administrator can take to prevent a security breach, such as implementing an Intrusion Detection System (IDS) or forming an emergency response team capable of quickly and effectively responding to security issues. This part also details the steps an administrator can take to collect and analyze evidence of a security breach after the fact.