Security headers/polices

Hi all,

As someone coming from a NON programming background,
Do we need to apply all the following security headers/polices? if so, how to apply?

Thank you.

These are not even about programming, and each requires a discussion of the tradeoffs and nuance. Not something that’s easy to discuss here. Also not super critical to configure any of those.