C deals with discretionary protection. See metric below:

TCSEC Metric
The following are incorrect answers:
D is incorrect. D deals with minimal security.
B is incorrect. B deals with mandatory protection.
A is incorrect. A deals with verified protection.
Reference(s) used for this question:
CBK, p. 329 - 330
and
Shon Harris, CISSP All In One (AIO), 6th Edition , page 392-393

RFC 2828 (Internet Security Glossary) defines the Internet Security Association and
Key Management Protocol (ISAKMP) as an Internet IPsec protocol to negotiate, establish, modify,
and delete security associations, and to exchange key generation and authentication data,
independent of the details of any specific key generation technique, key establishment protocol,
encryption algorithm, or authentication mechanism. Simple Key-management for Internet Protocols (SKIP) is a key distribution protocol that uses hybrid encryption to convey session keys that are used to encrypt data in IP packets. OAKLEY is a key establishment protocol (proposed for IPsec but superseded by IKE) based on the Diffie-Hellman algorithm and designed to be a compatible component of ISAKMP. IPsec Key Exchange (IKE) is an Internet, IPsec, key-establishment protocol [R2409] (partly based on OAKLEY) that is intended for putting in place authenticated keying material for use with ISAKMP and for other security associations, such as in AH and ESP. Source: SHIREY, Robert W., RFC2828: Internet Security Glossary, may 2000.