Of the seven types of Access Control Categories, which is described as such? Designed to specify rules of acceptable behavior in the organization. Example: Policy stating that employees may not spend time on social media websites
Correct Answer: A
There are seven access control categories. Below are the Access Control Types and Categories.

Access Control Types:
-Administrative: policies, data classification and labeling, and security awareness training
-Technical:
  -Hardware: MAC filtering or perimeter devices
  -Software controls: account logons, encryption, file permissions
-Physical: guards, fences and locks

Access Control Categories:
-Directive: specify rules of acceptable behavior. Example: policy stating users may not use Facebook
-Deterrent: designed to discourage people from violating security directives. Example: logon banner reminding users that they are subject to monitoring
-Preventive: implemented to prevent a security incident or information breach. Example: a fence or file permissions
-Detective: used to mitigate the loss. Example: logging, IDS with a firewall
-Compensating: to substitute for the loss of a primary control or add additional mitigation. Example: logging, IDS inline with a firewall
-Corrective: to remedy circumstances, mitigate damage or restore control. Example: fire extinguisher, firing an employee
-Recovery: to restore conditions to normal after a security incident. Example: restore files from backup

All of these are designed to shape employee behavior to better maintain an environment that supports the business objectives and protects corporate assets.

The following answers are incorrect:
-Deterrent Access Control: This is not right because a deterrent access control discourages people from violating security directives.
-Preventive Access Control: This is incorrect because a preventive access control category is used to simply stop or block unwanted behavior. Users don't have a choice about whether to violate the behavior rules.
-Detective Access Control: Sorry, this isn't an access control category.

The following reference(s) were used to create this question: 2013 Official Security+ Curriculum, and Hernandez CISSP, Steven (2012-12-21). Official (ISC)2 Guide to the CISSP CBK, Third Edition ((ISC)2 Press) (Kindle Location 1162). Auerbach Publications. Kindle Edition.
CISSP Exam Question 767
What is the act of willfully changing data, using fraudulent input or removal of controls called?
Correct Answer: A
Data diddling: the modification of data. Reference: Ronald Krutz, The CISSP Prep Guide (Gold Edition), pg. 417
CISSP Exam Question 768
In SSL/TLS protocol, what kind of authentication is supported?
Correct Answer: C
"The server sends a message back to the client indicating that a secure session needs to be established, and the client sends it security parameters. The server compares those security parameters to its own until it finds a match. This is the handshaking phase. The server authenticates to the client by sending it a digital certificate, and if the client decides to trust the server the process continues. The server can require the client to send over a digital certificate for mutual authentication, but that is rare." Pg. 523 Shon Harris: All-In-One CISSP Certification Exam Guide
CISSP Exam Question 769
What would be the PRIMARY concern when designing and coordinating a security assessment for an Automatic Teller Machine (ATM) system?
Correct Answer: D
CISSP Exam Question 770
The following is not true:
Correct Answer: C
This is absolutely false; this problem can be seen almost anywhere. There has always been trouble with the loss of keys. Some of those losses are more important than others: losing the key to the company safe is not the same as losing the key to the locker that holds your shoes. This is obviously an incorrect statement, so answer C is the one here. "Unfortunately, using security guards is not a perfect solution. There are numerous disadvantages to deploying, maintaining, and relying upon security guards. Not all environments and facilities support security guards. This may be due to actual human incompatibility with the layout, design, location, and construction of the facility. Not all security guards are themselves reliable. Prescreening, bonding, and training does not guarantee that you won't end up with an ineffective and unreliable security guard." Pg. 646 Tittel: CISSP Guide.