All other merchants (not included in the descriptions for SAQs A, B, or C) and all service providers defined by a payment brand as eligible to complete an SAQ may be completing what SAQ?
The use of two-factor authentication is NOT a requirement on PCI DSS v3 for remote network access originating from outside the network by personnel and all third parties.