Browsing the web securely: DispVM workstation Sys-whonix as networking

Qubes 4.1.2. only configured firefox for disposable vm.

This DispVM is only for browsing the web.
I have done nothing only the setup to firefoxsr(policies, prefjs,extension)

Dispvm debian11 (browsing ) → sys-whonix → firewall → netvm

Tor browser is better for anonymity and fingerprinting, but does it protect you from other attacks better than firefox?

In case I want to use oni links with firefox in DispVM(Debian) would I be at top of security privacy and anonymation? If not, what steps should I follow.

On official whonixforum it provides additional config for anon whonix to use tor.
(Disable tor over tor browser and sys-tor)
In debian 11 it only tells me to connect the whonix networking and good to go. What am I missing?

I have read the torvm from @unman I have read the qubes for fun and potentially every findable guide. But some of them are deprecated.

So what would be the best configuration to take privacy, anon and security to the next level using debian as workstation and whonix as gateway only for browsing the web securely in this beautiful OS.

Do I need to assign manually a socks5/torport to my firefox?

Firewall config are very welcome too.