And I'm sorry, but the question & answer option does not exactly play out if you have members who speak & write in different languages and who likely have different keyboard setups.
e vs ё
Is not going to be seen as the same. Not to mention after while those Q&A's need to be changed fairly often.
XenForo needs a more universal & use friendly capTcha option, which also requires less general maintenance.
live demo on XenForo site
QapTcha does not depend on flash player, is mobile web friendly, fast, uses no resources, is hosted locally so it's not dependent on an outside source & is CDN compatible. It is also idiot poof in that it is universally understood and is not language dependent. And finally, requires zero effort from an administrative point of view (turn it on and you're done).
There is currently an add-on thanks to @serene which I have been maintaining
But this really should be something easily added into the core.