What vulnerability can exist when controllers use dynamic rather than static queries and bind variables?

Universal containers (UC) implemented a private organization-wide default for the Container and Case objects.
How can UC give support representatives access to Container and Case records owned by Customer Community users?

Universal Containers (UC) has created a public group with certain Sales Engineers to help on complex deals and a sharing rule to grant access to these opportunities. Opportunity OWD is private.
What is the impact of these sharing settings?

An External Object is created to show Invoices from an external accounting system. When viewing the External Object, a user should only access invoice records the user is authorized to see.
What two actions are required to achieve the above requirement? Choose 2 answers

Universal Containers is updating its Organization-Wide Sharing Settings for the Account Object from a "Public Read/Write" model to a "Private" model, so that they can hide certain national accounts from sales reps and sales managers. These national accounts should only be accessible by sales directors and above. Universal Container's Role Hierarchy matches its organizational hierarchy. Which two options should the Architect consider when designing the solution? Choose 2 answers