nerdexam
(ISC)2

CISSP · Question #131

Which of the following is a detective access control mechanism?

The correct answer is A. Log review. Access controls are categorized by function; detective controls identify and record security events after they occur, distinguishing them from preventive or administrative controls.

Submitted by chiamaka_o· Mar 5, 2026Security Operations

Question

Which of the following is a detective access control mechanism?

Options

  • ALog review
  • BLeast privilege
  • CPassword complexity
  • DNon-disclosure agreement

How the community answered

(41 responses)
  • A
    93% (38)
  • B
    5% (2)
  • C
    2% (1)

Why each option

Access controls are categorized by function; detective controls identify and record security events after they occur, distinguishing them from preventive or administrative controls.

ALog reviewCorrect

Log review is a detective control because it involves examining recorded activity to identify security incidents, policy violations, or anomalies that have already occurred. Detective controls do not prevent events but rather discover and document them after the fact, enabling incident response and forensic analysis.

BLeast privilege

Least privilege is a preventive control because it proactively restricts user permissions to reduce the attack surface before any unauthorized action can take place.

CPassword complexity

Password complexity is a preventive control because it enforces strong authentication requirements to stop unauthorized access from occurring in the first place.

DNon-disclosure agreement

A non-disclosure agreement is an administrative (deterrent) control because it is a legal/policy document designed to deter information disclosure rather than detect or prevent a technical security event.

Concept tested: Categories of access control mechanisms by function

Source: https://www.nist.gov/system/files/documents/2017/05/09/SP800-53Ar4.pdf

Topics

#access control#detective controls#log review

Community Discussion

No community discussion yet for this question.

Full CISSP Practice