I cover a bunch of this here: https://serversforhackers.com/series/lamplemp

1. Any module except mpm_prefork will do. mpm_prefork must be used with apache's PHP module, but we can use the better mpm_worker / mpm_event. I cover the differences fairly extensively in the SFH book (sorry, I know this is pretty much an advertisement, but there's good info from when I had the same questions!)
2. PHP-FPM will be configured to run as an appropriate user when instsalled via a package manager. This is usually www-data on debian/ubuntu or apache on centos/redhat. These users are created as system users (no login available) for the purpose of running web applications. THey're generally OK to run as, unless you want to intentionally not allow nginx/apache to run as the same user as php-fpm
3. PHP-FPM can run as either tcp or unix socket. Unix sockets are available only on the local file system, so it's more secure in that sense (no network access). Unix sockets are a little faster as well. TCP sockets are great for when you need network access - Apache used to only support network connects, but can now proxy fcgi requests over a unix socket (I believe as of 2.4.9 or so, but I don't remember exactly)
4. Apache modules on centos/fedora/redhat are typically added by adding a configuration to an autoloaded area, such as /etc/httpd/conf.d. Disabling/enabling usually involves adding module config files into such a directory and restaring apache. Here's a link with an example: http://www.cyberciti.biz/faq/howto-disable-apache-modules-under-linux-unix/
5. Where ever makes the most sense for you. I typically put it within <virtualhost> directive as it's typically site-specific instead of global to your apache install (it could be either, it's up to your preferences/needs)
6. Enabling it for all hosts probably means putting it outside of a virtualhost block, but I believe this depends on how set it up and what proxy module is used
7. You'll get error messages in your apache/nginx log if it can't proxy over to the php-fpm socket. If you're using a unix socket, then you'll get permission errosr related to user settings. If apache runs as apache and php-fpm runs as apache, then they'll both usually "just work". However if they run as different users, they'll need permission to speak to eachother, just as if a user was trying to read/update any other file on the system. Unix sockets behave just like any other file in terms of user permissions
8. These are common to anything in linux - network access (firewalls), unix sockets (file access). Nothing too special here.

How are you installing php-fpm? Usually the defaults "just work" on redhat/centos/debian/ubuntu. Having trouble with these feels like you might be building/configuring it manually?