Yes, but an attacker is more likely to try SLEEP(10) than DROP DATABASES, because the attacker usually wants your data (and your server, but the data is a bonus). So if disabling sleep makes a few bots miss an actual vulnerability, it's a good step for defense in depth.
Correct. It's more valuable, especially when trying to exfiltrate data or when trying to inject XSS opportunities.
Plus, realistically, SLEEP allows you to scan for thousands of different test cases in a quick period and measure the hang time to figure out which vector worked.
This is especially true when you realize that timing attacks don't even need SLEEP in the first place. You just need to hang the database for a measurable amount of time, like this injection will do:
AND 1 IN (SELECT BENCHMARK(SOME_MULTIPLIER*15000000,MD5(CHAR(97))))--
