As for your question 3) What is the best network settings mode to test malware or isolate VM network from host network to make sure they don't infect the host network?
I can't answer the 1st part of the question. Using my laptop to answer, hopefully, your 2nd part of the question
Firstly, you'll need your host machine to be strongly protected. Get a strong AV/AM and other needed protection software.
Scenario 1
If you are just simply using the VM to surf the web (and anonymously) and without performing critical usage then simply power off WITHOUT saving the machine state will do.
Scenario 2
If you performing critical work activity inside the VM then protect it like you'll protect your host machine. Install a different strong AV/AM and other protection software inside the VM. If you need to transfer files in/out between VM and the host machine make sure the host machine's AV/AM scans such files. End of the day just shut down the VM WITHOUT saving the machine state. You can also use Sandboxie in the VM to sandbox your browser, if it works, as an additional layer of protection.
If you are afraid of VM-evading malware then the host machine's strong AV/AM and other protection software should serve as the main layer of protection. Lastly, you can install Shadow Defender on the host machine and shut it down WITHOUT saving at the end of the day.
Likely, I'll install Shadow Defender on the host machine and not Sandboxie nor AV/AM in the VM for I won't be doing critical work there
Edit (added)
If my answers cannot satisfy you then go to the below link to get better answers
Alright I would like to open up a discussion on how to protect your host from rare malware that escapes your VM and hits your host machine. So discuss about any products, changing settings, etc. and how you protect your Host. Now I have a question for myself, Would be using a HIPS like comodo...
malwaretips.com
For fingerprinting
1) Shadow Defender - cannot protect the host machine from being fingerprinted
2) Sandboxie - in its default settings it cannot protect the host machine from being fingerprinted
Read post #16 by the developer below
Sandboxie is finally Open Source :D I have uploaded the sources, as released by Sophos today, to GitHub: https://github.com/DavidXanatos/Sandboxie and...
www.wilderssecurity.com
3) VM - it can protect your host machine from being fingerprinted if you are using two different OSes