Point out the correct statement:
A. Procedure that constructs SQL statements should be reviewed for injection vulnerabilities
B. Parameterized data cannot be manipulated by a skilled and determined attacker
C. The primary form of SQL injection consists of indirect insertion of code
D. None of the other choices
