In short, the physical NIC’s can only be linked to a single “vSwitch” weather that is VSS, VDS, or N-VDS. The process for installing NSX-T on hosts with only 2 NIC’s is documented here…
2)See Link above
3)Yes, if you want redundancy and only have 2 NIC’s
4)No, and best practice is it should NOT have access to anything outside that overlay VLAN.