Which following statements are true

$$ WebAuthn is not compatible with existing username and password$-$based authentication systems.

$$ Using a web application firewall $($WAF$)$ can help prevent attacks such as SQL injection and cross$-$site scripting $($XSS$).$

$$ A script HTML tag is not a subject to the SOP $($same origin policy$).$

$$ Clickjacking attacks can be used to trick users to for example grant access to his web camera without knowing about it$.$

Which below statements are correct

$$ The only information that can be collected through fingerprinting is the type of operating system, web browser being used and the IP address.

$$ Code injection attacks can only be executed in statically$-$typed programming languages.

$$ Two$-$Factor Authentication $(2$FA$)$ provides an additional layer of security beyond just a username and password.

$$ The Same Origin Policy is designed to prevent malicious scripts from accessing sensitive information from another domain, and to ensure that web applications can only access resources from trusted sources.