Answer C is the technically correct selection. TACACS+ separates authentication, authorization, and accounting, while RADIUS commonly combines authentication and authorization. TACACS+ also encrypts more of the packet payload than RADIUS, but the answer choice that states only password encryption for TACACS+ reverses the facts. This aligns with Cisco CCNA 200-301 v1.1 because the exam blueprint requires engineers to recognize operational behaviour from configuration symptoms and topology requirements. Command accounting is usually stronger with TACACS+ for device administration, making C the correct comparison. Treat the distractors carefully: most are real Cisco terms, but they solve a different problem or operate at a different layer. The selected answer is the one that would be used by an engineer on the device or in the design to produce the outcome stated in the question.