Which of the following is a detective access control mechanism?

The access control mechanism that is detective is log review. Log review is a process of examining and analyzing the records or events of the system or network activity, such as user login, file access, or network traffic, that are stored in log files. Log review can help to detect and identify any unauthorized, abnormal, or malicious access or behavior, and to provide evidence or clues for further investigation or response. Log review is a detective access control mechanism, as it can discover or reveal the occurrence or the source of the security incidents or violations, after they have happened. Least privilege, password complexity, and non-disclosure agreement are not detective access control mechanisms, as they are related to the restriction, protection, or confidentiality of the access or information, not the detection or identification of the security incidents or violations. References: CISSP All-in-One Exam Guide, Eighth Edition, Chapter 7, Security Operations, page 932. Official (ISC)2 CISSP CBK Reference, Fifth Edition, Chapter 7, Security Operations, page 948.