update qubes/whonix isolation guide

Created by: 0xB44EFD8751077F97

• Add tips section for hardening.
• Add table of contents.
• Add usage examples.
• Change steps and terminology for current Qubes (r4.0) and Whonix (14) versions.
• Grammatical fixes and text edits.
• Harden security:
  • Address access rights.
  • Clone new template for modifications.
  • Create system user for running the daemon.
  • Put the service file in /lib/systemd/system/ on the TemplateVM, and enabled with the qubes-service condition path.
• Opt for more thorough explanations, examples, and security over brevity.
• Provide opportunity to extend for stagenet and testnet ports.
• Remove unnessary arguments from service file.
• Remove version numbers.
• Rename guide, not exclusive to CLI anymore.
• Rename qrexec action file and policy.
• Replace section on verifying binaries with a link to Monero's user guide.

---

I hope I did everything the correct way. It was unclear from the readme on what to change the second and third version fields to. Readme says 1.0, but I guessed that was a typo and should be 0.