Here’s a test of your security-fu:
https://homebank.sactocu.org/UA2004/faq-mfa.htm#pp6
Why are the Security Questions used?
The first time you login and enroll in Protection Plus, you will be asked to enter five Security Questions and corresponding answers. The Security Questions are used if you do not want to register the computer you are currently using. With the Security Questions, we can make sure it is you logging in when you use different computers, such as, an internet bar computer. The answers to your Security Questions are case sensitive and cannot contain special characters like an apostrophe, or the words “insert,” “delete,” “drop,” “update,” “null,” or “select.”
Why can’t I use certain words like “drop” as part of my Security Question answers?
There are certain words used by hackers to try to gain access to systems and manipulate data; therefore, the following words are restricted: “select,” “delete,” “update,” “insert,” “drop” and “null”.
Now: did you laugh, and if so, can you explain why?
I have a major downer upon security approaches of “everything is permitted except [foo]” but this just about takes the biscuit; if you can’t guarantee code quality at this level then as soon as someone works out how to encode DROP TABLE in hex, you’re screwed.
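The contrast between the FAQ's word blocklist and binding the answer as a query parameter, as an added example that is not code from the original post or from the credit union's site. The table name, function names, whole-word matching and sample answers are assumptions constructed for illustration.

```python
import re
import sqlite3

# Rule as described in the FAQ; whole-word, case-insensitive matching is an assumption.
BLOCKED = re.compile(r"\b(insert|delete|drop|update|null|select)\b", re.IGNORECASE)

def blocklist_accepts(answer):
    """Return True if the FAQ-style filter would allow this answer."""
    return "'" not in answer and not BLOCKED.search(answer)

def open_db():
    # Hypothetical schema, in-memory so the example runs offline.
    # A production system would also hash the answers; omitted to keep the focus on binding.
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE security_answers (user_id INTEGER, question_no INTEGER, answer TEXT)"
    )
    return conn

def store_answer(conn, user_id, question_no, answer):
    # Placeholders keep the answer out of the SQL text: it is bound as a value.
    conn.execute(
        "INSERT INTO security_answers VALUES (?, ?, ?)", (user_id, question_no, answer)
    )

def load_answer(conn, user_id, question_no):
    row = conn.execute(
        "SELECT answer FROM security_answers WHERE user_id = ? AND question_no = ?",
        (user_id, question_no),
    ).fetchone()
    return row[0] if row else None

# Constructed sample answers: three ordinary ones and one containing SQL syntax.
SAMPLES = ["O'Brien", "Null", "Lemon Drop", "x'); DROP TABLE security_answers; --"]

def run_demo():
    conn = open_db()
    report = []
    for n, answer in enumerate(SAMPLES):
        store_answer(conn, 1, n, answer)
        report.append((answer, blocklist_accepts(answer), load_answer(conn, 1, n) == answer))
    rows = conn.execute("SELECT COUNT(*) FROM security_answers").fetchone()[0]
    return report, rows

if __name__ == "__main__":
    for answer, allowed, intact in run_demo()[0]:
        print(f"{answer!r}: blocklist allows={allowed}, stored intact={intact}")
```

The blocklist turns away a real surname and a plausible pet name, while the parameterized statements store every sample byte for byte and leave the table in place.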