5) Paper/descriptors backup
Core already lets you export the descriptor set (including privkeys) via RPC:
listdescriptors true --> JSON of descriptors with xprv.
dumpwallet <file> --> legacy: all keys + metadata in text.
You can take that JSON/text offline and GPG-encrypt it. Printing a QR is your choice (be mindful of QR size; you'll likely split across multiple QRs). Core doesn't do the QR/encryption for you in the GUI; you'd script this yourself on an air-gapped machine.
Use a long, unique wallet passphrase; Core's KDF has an iteration count but passphrase quality dominates. Make multiple offline backups (wallet.dat and/or listdescriptors true) in separate locations.
If you want extra protection at rest, put the backup inside an encrypted container or GPG it--in addition to Core's native encryption. Test your restore procedure once, then seal the backups.
The above setup gives you: usable day-to-day wallet (locked), plus verifiable offline backups with defense-in-depth.
I think we both described the same process for step (5). What I am actually asking is whether there is a good, recommended by Core's developers, in order to back up the wallet.dat in a physical medium, rather than a digital one. But, writing an XPRV isn't the optimal way, because it lacks encryption. So, I am wondering if they do it, if they recommend it and if they endorse it in general as a concept.