Explanation
Planning is the key to effective implementation of information security governance. Consultation, negotiation and facilitation come after planning.

Section: INFORMATION SECURITY PROGRAM DEVELOPMENT
Explanation:
Planning is the key to effective implementation of information security governance. Consultation, negotiation and facilitation come after planning.

Explanation
WPA2 is currently one of the most secure authentication and encryption protocols for mainstream wireless products. MAC address filtering by itself is not a good security mechanism since allowed MAC addresses can be easily sniffed and then spoofed to get into the network. WEP is no longer a secure encryption mechanism for wireless communications. The WEP key can be easily broken within minutes using widely available software. And once the WEP key is obtained, all communications of every other wireless client are exposed.
Finally, a web-based authentication mechanism can be used to prevent unauthorized user access to a network, but it will not solve the wireless network's main security issues, such as preventing network sniffing.

Explanation
The creation of objectives can be used in part as a source of measurement of the effectiveness of information security management, which feeds into the overall governance. General understanding of goals and consistency with applicable standards are useful, but are not the primary reasons for having clearly defined objectives. Gaining management understanding is important, but by itself will not provide the structure for governance.

Section: INCIDENT MANAGEMENT AND RESPONSE