I don't Facebook, but most of the so-called security questions are things which can be dug out of a record somewhere. Same with credit cards.
So I never give them the correct answer in the first place. Just use something you can remember as the "correct" answer.
It doesn't matter to the software if your answer is factual, only if you give the right one.
Just because you and I are cautious, doesn’t mean that facebook fails in its design purpose.