What security risk does the role-based access approach mitigate MOST effectively?

The security risk that the role-based access approach mitigates most effectively is excessive access rights to systems and data. Role-based access control (RBAC) is a model of access control that assigns permissions to roles rather than individual users, and then assigns users to those roles based on their job functions and responsibilities. This way, RBAC ensures that users have the minimum necessary access rights to perform their tasks and reduces the risk of unauthorized or inappropriate access.

B. Segregation of duties conflicts within business applications is not the security risk that the role-based access approach mitigates most effectively, but rather a security principle that RBAC supports by enforcing the separation of incompatible functions and preventing collusion or fraud.

C. Lack of system administrator activity monitoring is not the security risk that the role-based access approach mitigates most effectively, but rather a security requirement that RBAC facilitates by providing audit trails and logs of the access activities and events.

D. Inappropriate access requests is not the security risk that the role-based access approach mitigates most effectively, but rather a security challenge that RBAC addresses by simplifying the access management process and reducing the administrative overhead.

References: CISSP All-in-One Exam Guide, Eighth Edition, Chapter 3, page 133; Official (ISC)2 CISSP CBK Reference, Fifth Edition, Chapter 3, page 109