Final answer:
Option a, limiting entry/access to the building, is not a detective control because it is a preventive measure. Detective controls include examining logs, continuous monitoring, and intrusion detection systems, which are aimed at detecting incidents, not preventing them.
Step-by-step explanation:
The question asks to identify which option is not considered a detective control for determining if an organization's information system is under attack. Detective controls are procedures and mechanisms that are designed to detect and alert if security incidents occur. Among the provided options, the one that does not fit the definition of a detective control is a. Limiting entry/access to the building. This option is more of a preventive measure aimed at stopping security incidents before they occur, rather than detecting them. On the other hand, options b, c, and d are all detective controls: b. Examining logs to identify evidence of possible attacks, c. Continuous monitoring of employee compliance with security policies, and d. Adequate intrusion detection systems all play a role in identifying and alerting security incidents.