Universal Containers has developed an AppExchange managed package for their distribution partners, which required a private key to be generated for each partner and used by the code. Universal Containers support representatives must be able to access the private key value to debug connection issues, but it must not be possible for the partner to access the value.
How can the Architect best support this requirement?

Mary is Joe's manager in the role hierarchy. The OWD for a custom Invoice object is Public ReadOnly and Mary's profile is not granted the Read permission for the Invoice object.
What action can Mary take on Joe's Invoice records?

Universal Containers has a requirement to share Accounts automatically to the users at a field office. They currently have the following setup in their environment:
* Accounts are set to Private in the Org-Wide Default.
* The field office is specified by a lookup in the Account object.
* There are 400 field offices.
* The users in each field office are managed using public groups.
Based upon a lookup relationship field on the Account, how should the Architect meet this requirement?

Universal Containers is implementing a community of High-Volume Community users. Community users should be able to see records associated to their Account or Contact record. The Architect is planning to use a Sharing Set to provide access to the records. When setting up the Sharing Set, certain objects are not available in the list of Available Objects. Which two reasons explain why an object is excluded from the list of Available Objects in a Sharing Set?

The sales managers at the Universal Containers (UC) requested their teams to define each user's role on their accounts in order to provide an easy way to establish accountability and collaboration. Sales managers also requested that sales associates should only get the following permissions:
* Read access to the accounts.
* Read access to cases related to the accounts
* No access to deals related to the accounts
The sales associates may be granted access to opportunities when needed.
Assuming the overall sharing model of the organization is private and no sharing rules are configured on the account object. How can an Architect achieve these requirements?