The architect at Universal Containers is trying to ensure that security vulnerabilities are not present within the Salesforce organization.
What two tests should the architect verify?
Choose 2 answers

Universal Containers has a requirement to share Accounts automatically to the users at a field office. They currently have the following setup in their environment:
* Accounts are set to Private in the Org-Wide Default.
* The field office is specified by a lookup in the Account object.
* There are 400 field offices.
* The users in each field office are managed using public groups.
Based upon a lookup relationship field on the Account, how should the Architect meet this requirement?

Universal Containers has selected a small and diverse group of users to review Inactive accounts. Given the Private sharing model, a public group was created and made available to this group of users. A sharing rule was created to make inactive Accounts visible to the public group. However some of these users are reporting they don't see any of the Accounts that were shared with the public group.
what is the underlying Issue for these users?

Partner users can access records belonging to users in their account at their same role or lower in the role hierarchy, for Cases, Leads, Opportunities and Custom Objects. Which of the following access has to be given ?

Universal Containers (UC) uses a custom Visualforce page to display shipment tracking information (custom object, private OWD) to field manager and agents. The IT team wants to make sure that users have access to only the information that is allowed.
Which Apex method must be used to make sure only allowed fields are shown to the users?