xpub – How exactly can hardened keys work?? (HD Wallets!)

After reading Chptr 5, Wallets, from the Bitcoin Book, I have some questions:

So I understand that the leak of an xpub+child priv key = compromised wallet.

1]How compromised is the wallet? Just from that leaked child down the tree or??

To solve this, we have hardened keys. However, one of the major ups of xpub keys is the ability to generate a bunch of addresses online, for an eCommerce or etc. Then we can offline, generate the child priv keys using the xpriv derivation.

2]So do we have to choose between this method and hardened keys? Or rather, using the eCommerce example, would all generated addresses be on the same level in the tree? Therefore allowing all of them to come from a hardened parent?
I think in this scenario, it would minimize corruption to only that specific address correct? Also if the children came from a hardened parent, then each child from that parent would need to create one child under it with the xpub derivation?

3] Is the xpub derivation method even used?? What’s the advantage of using it if everyone is worried about a compromised wallet? As stated above, it doesn’t seem to be useful really?

If anyone has any good links to diagrams, that are not from the Bitcoin Book, that would be very helpful!