Conquer the 2025 CPSA Challenge – Elevate Your Security Analyst Skills Now!

In the context of SQL injection, the correct example that uses type handling to manipulate data involves altering the query to execute unexpected commands by leveraging a mismatch in data types. The chosen option, which attempts to drop a table, demonstrates how SQL injection can exploit the application's data handling vulnerabilities.

The example works by inserting a command (DROPTABLE users) into a context where a numeric input was expected, allowing the attacker to manipulate the SQL command structure. This is characteristic of an injection attack that uses type handling, as it assumes that the database will interpret the input as a valid command rather than a simple numeric value.

In contrast, the other options, while they may also represent forms of SQL injection, do not effectively demonstrate the specific tactic of manipulating data types. They either rely on logical conditions or are incomplete queries that would not execute as intended. The focus on type handling in the correct example highlights the importance of understanding how input values can be manipulated and interpreted by the database to perform unauthorized actions.