Some sites and services let you create your own custom authentication questions. This can also be an opportunity to create something unique that nobody but you would know the answer to. The sillier you are with both the question and the answer, the less likely it is that an attacker could guess it.
To protect your data from viruses, phishing attacks, and other malware--whether its on your PC, smartphone, or tablet--you should have some sort of cross-device security tool in place. But, when it comes to preventing unauthorized access to information stored elsewhere, two-factor authentication provides better protection.
An attacker may be able to guess your username, Google the answers to your authentication questions, and crack your password. But, if access to your data also requires a unique PIN that can only be sent to the mobile phone you have registered with the account for that purpose it makes it much harder to get in.