According to CIP-006 R1.4, what should be monitored to detect unauthorized access?

The correct answer focuses on monitoring access points into Physical Security Perimeters as an essential aspect of detecting unauthorized access. In the context of NERC CIP-006 R1.4, this requirement emphasizes the importance of controlling and observing the entrance and exit points of secured facilities. Access points are critical vulnerabilities and must be monitored to prevent unauthorized individuals from entering the area.

By keeping a close watch on these access points, organizations can quickly identify any breaches in security, ensuring that appropriate measures are taken to address potential risks to critical infrastructure. This monitoring likely includes techniques such as surveillance cameras, access control systems, and security personnel stationed at these locations, all aimed at ensuring only authorized individuals enter secured areas.

While other options like physical barriers, guest logs, security incidents, and equipment within secured locations are important aspects of a comprehensive security strategy, they do not specifically address the immediate need for monitoring entry points in real-time. This focused approach on access points aligns directly with the intent of CIP-006 to enhance physical security and protect against unauthorized access.