If you are going for security and trying to keep hackers from changing the password, why would you want to help them out by telling them what the question is? This just helps the hacker by "feeding" them information that can be used to guess the answer.
if the hacker has already stolen your email address, chances are they have other information about you. most people are not thinking about security when they create the answer/ question combo and choose something that can be fairly easily guessed.
I also dont see why you want to have one page where they enter the email address to verify it, then a second page for entering the secret question, it only adds to the complexity of developing the system, and the frustration of the user having to bounce through so many steps to perform the simple task of requesting a password.
Sure you can do it that way, but consider the user experience.
it is much easier to develop a system where they enter all three pieces of information at one time, and the user doesn't have to go through so many hoops.
you can still do it the way the you want, the basic steps are the same.