The type of response depends on the threat and the extent of the attack. If the attack is ongoing, the response will focus on stopping the attack. For instance, if there is a lot of illegitimate traffic directed toward a certain server, the IT department might opt to take the server offline or reconfigure its IP address so that the attacks no longer reach it. If the attack is a breach to a system, the IT team might change the access credentials and kill all sessions, thus forcing the attackers out of the system. An attack that has already happened will elicit a different type of response. The IT team has to prevent repeat attacks or the spread of malware from the victim. Therefore, if a server was targeted, it might be disconnected from the network and isolated physically. If a system faced a brute-force attack and the login system was compromised, the login module could be temporarily taken out to prevent further attacks. The steps taken to respond to the attack can affect the impacts. However, the organization still needs to ensure that its clients are not adversely affected, hence the following measure is taken.