Can you answer this sample Security+ question on cipher suites? 

Q. Lisa is setting up a secure webserver. She needs the server’s cryptography to support perfect forward secrecy. Of the following choices, what cipher suite should she ensure is used by the server?

A. TLS_DH_WITH_AES_256_CBC_SHA256

B. TLS_RSA_WITH_AES_128_CBC_SHA256

C. TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256

D. SSL_RSA_WITH_AES_128_CBC_SHA256

Do you know the answer? More, do you know why the correct answer is correct and the incorrect answers are incorrect? The answer is available here.