Suggested Challenge Questions

Background

Everyone seems to agree that challenge questions provide a small increase in security over simply asking for known identity information, as in [Solution A]. They add a bit of per-user secret information that would otherwise be missing if we only asked for udeupa username, ApuIdNumber, and partial social security number, all of which an attacker may be able to look up. The only problem is that questions which invite more random answers are harder to verify and harder for users to remember. In other words, we don't want to ask really simple questions, but we also don't want to ask a question that can be answered in a thousand different ways.

If the goal is to reduce the overhead and inconvenience of password resets through the support desk by providing an easy-to-use self-service tool, then challenge questions could present some problems. The key will be deciding which questions to ask and the method of verification. Asking too many questions may also become burdensome. Remember that if the user doesn't remember any of their answers, they will be calling the support desk anyway.

With these considerations in mind, it is easy to see why questions such as "mother's maiden name" are so widely used. It's something you won't forget. It's a single word, spelled the same way every time. Those properties make verification easy. This is not an endorsement of that question (the answer is often a matter of public record or easily found), but rather an example of the attributes that probably make a good challenge question when viewed from more than just a security perspective.

Remember, we aren't shooting for the ultimate solution; if we were, we wouldn't be using passwords at all.

Logic Related Questions

  1. How many challenge questions should be presented to the user for answer creation?
  2. Can the user select which questions to answer? (See [Password Reset Best Practices])
  3. How many questions are presented to the user for verification?
  4. If not all questions are presented, is the subset random?
  5. What percentage of questions does the user have to get correct?

Please attempt to answer these questions, and provide suggested (even if duplicated) Challenge Questions below.
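The following is an added example, not part of the original page, that shows one concrete set of answers to the logic questions above together with the verification attributes discussed under Background (answers that are single words, spelled the same way every time). It assumes a policy of five questions registered at enrollment, three chosen at random for verification, all three required correct; it assumes answers are normalized (Unicode NFKC, case-folded, punctuation and whitespace stripped) so that "O'Brien" and "obrien " compare equal; and it assumes answers are stored salted and hashed with PBKDF2 exactly as a password would be, since a stored challenge answer is a password-equivalent. All of these parameters are assumptions for illustration, not values the page prescribes.

```python
import hashlib
import hmac
import os
import secrets
import unicodedata

# Policy parameters: assumptions for this example, not values the page prescribes.
QUESTIONS_AT_ENROLLMENT = 5    # answers the user must register (logic question 1)
QUESTIONS_AT_VERIFICATION = 3  # random subset presented on reset (questions 3 and 4)
REQUIRED_CORRECT = 3           # 100% of presented questions must be right (question 5)
PBKDF2_ITERATIONS = 200_000    # treat answers as password-equivalents


def normalize_answer(answer: str) -> str:
    """Canonicalise an answer so spelling variants that a human would accept
    ("O'Brien", "obrien ", "OBRIEN") all map to the same string."""
    text = unicodedata.normalize("NFKC", answer).casefold()
    return "".join(ch for ch in text if ch.isalnum())


def hash_answer(answer: str, salt: bytes) -> bytes:
    """Salted PBKDF2-HMAC-SHA256 over the normalized answer."""
    return hashlib.pbkdf2_hmac(
        "sha256", normalize_answer(answer).encode("utf-8"), salt, PBKDF2_ITERATIONS
    )


def enroll(answers: dict[str, str]) -> dict[str, tuple[bytes, bytes]]:
    """Register a user's answers. Returns {question: (salt, digest)}; the
    plaintext answers are never stored."""
    if len(answers) != QUESTIONS_AT_ENROLLMENT:
        raise ValueError(f"exactly {QUESTIONS_AT_ENROLLMENT} answers are required")
    record = {}
    for question, answer in answers.items():
        if not normalize_answer(answer):
            raise ValueError(f"answer to {question!r} is empty after normalization")
        salt = os.urandom(16)
        record[question] = (salt, hash_answer(answer, salt))
    return record


def select_challenge(record: dict, rng=secrets.SystemRandom()) -> list[str]:
    """Pick the random subset of enrolled questions to present on this reset
    attempt, using a CSPRNG so the subset cannot be predicted."""
    return rng.sample(list(record), QUESTIONS_AT_VERIFICATION)


def verify(record: dict, presented: list[str], responses: dict[str, str]) -> bool:
    """Return True only if the user answered at least REQUIRED_CORRECT of the
    presented questions. Every presented answer is checked, with no early exit
    and no per-question result, so the caller learns only pass/fail."""
    if set(responses) != set(presented):
        return False  # answers must be for exactly the questions we asked
    correct = 0
    for question in presented:
        salt, digest = record[question]
        if hmac.compare_digest(hash_answer(responses[question], salt), digest):
            correct += 1
    return correct >= REQUIRED_CORRECT


if __name__ == "__main__":
    # Constructed sample data for this example only.
    stored = enroll({
        "mother's maiden name": "O'Brien",
        "first pet": "Fido",
        "city of birth": "Lincoln",
        "first car": "Civic",
        "favourite colour": "Blue",
    })
    asked = select_challenge(stored)
    typed = {"mother's maiden name": "OBRIEN", "first pet": "fido ",
             "city of birth": "lincoln", "first car": "civic", "favourite colour": "blue"}
    print("presented:", asked)
    print("reset allowed:", verify(stored, asked, {q: typed[q] for q in asked}))
```

In a real self-service tool the caller should also count failed attempts per account and fall back to the support desk after a small number, since the answer space for most questions is far smaller than a password's and an unlimited number of guesses would make the random subset and the hashing irrelevant.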