In answer to your first question: If they have full admin access to the server, they're going to be able to do whatever they want with the databases on it. However you can still add auditing to the server, if you can trust them not to tamper with that. I'd suggest making it a condition of the support you provide them, to not make changes to the database directly.
In answer to your second question:
SQL Server Auditing - can be used for instance and database level auditing.
For more information, this is a pretty good guide with examples of how to set it up: http://bradmcgehee.com/2010/03/30/an-introduction-to-sql-server-2008-audit/
This also gives even more information on how it works and examples: http://msdn.microsoft.com/en-us/library/dd392015%28v=sql.100%29.aspx