The purpose of red-team exercises has been defined as "to validate perceived vulnerabilities or weaknesses in the overall security of an installation or facility. In addition, it is designed to test security operations, tactics, equipment, and procedures to see if they are able to mitigate actual or perceived threats." In its original use in military exercises, the red team has assumed the role of the threat or enemy forces, in order to test defenses. For law enforcement and security purposes, red teams could be composed of internal resources (police officers), external resources (other criminal justice practitioners, military specialists, or contracted specialists), or both. These teams can assess, probe, and attempt to breech the facility's security. This article describes such use of a red team in testing the security provided by a major university-based police department. The intent of the exercise was to determine whether the designed and implemented security system would hold against the size and type of threat it was designed to counter. The results of the exercise were used to modify the security system based on the weaknesses revealed by the red team's attack. Such red-team exercises require detailed and careful scripting in order to minimize dangers to property, the public, and participating personnel. If conducted properly, a red-team exercise can be an innovative means of obtaining information on the strengths and weaknesses of a facility's security.