Q: Which of the following control pairing places emphasis on "soft" mechanisms that support the access control objectives?

A:
1. Preventive/Technical Pairing
2. Preventive/Administrative Pairing
3. Preventive/Physical Pairing
4. Detective/Administrative Pairing

For me soft means software, so I choose 1 (Technical) but it's 2. Here is the explanation :
"Preventive/Administrative: In this pairing, emphasis is placed on "soft" mechanisms that support the access control objectives."

Can someone help me understand why ?

Thanks

I'm going to answer based on my experience and not from any book

Soft Access Control mechanims are usually hard copies (paper application) documents that allow an adminitstrator to provide access based on Employment screening, Need To Know, least privilege, separation of duties among other criterias.

Lets say that there is a technical lab in my company. The main door to enter the lab doesn't have any card reader, biometrics, etc.

The door has a cipher lock. The door prevents people to enter the lab. the only way a person can enter the lab is by getting the cipher lock combination.

The person has to fill an application requesting entrance to the lab. The lab administrator will decide (authorize or deny access to enter the lab) from his / her criteria and documents if the person has a need to know, least priviledge etc, to enter the lab.

If the person is autorized the admin will give him the combination to the cipher lock thus accessing the lab. This will be preventative / administrative pairing.

A prentative / technical access control involves Automated system (firewall, Router ACL, Logon to a System), expert system, badge reader, or biometrics to make the decision of access control. It is also called "hard mechanisms".

In a preventative / administrative the administrator judgement and the paper work attached to it is considered soft mechanism.

Soft in soft mechanisms is not "Software" it is something smooth , not hard.