I understand that.
What I'm trying to say is that a security question and its answer are nothing other than a second password. Getting the right answer gives you access to your account, either by resetting the password or recovering it.
Here's the dilemma: if you make it easy to guess, you open an easy way for someone to break into your account. If you make it hard to guess, you need to remember it just like you need to remember your first password.
There is no distinction between a password and a security question/answer challenge. The best solution is to not forget your first password in the first place. And if you do forget, recover your password via another route (as you would do if no security question/answer exists). All sites have that option.
Not sure I'm explaining it well (it's late here). I'll try again maybe later this week
Long story short: any security expert in IT will tell you that security questions are not a good thing. Especially standardized questions.