Which of the following statements are true The use of encryption in Node.js applications is not necessary due to built$-$in mechanisms that provide security in all Node.js applications. DNS rebinding attacks are a form of exploitation that is relatively easy to implement and difficult to detect.

HTTPS is not compatible with content delivery networks $($CDNs$).$ Setting random values as tokens in cookies is an insufficient defensive measure against the CSRF $($cross$-$site request forgery$)$ attack. Which statements below are correct The cross$-$site request forgery $($CSRF$)$ attack is possible both with the GET request and with the POST request.

The implementation of Do Not Track $($DNT$)$ in web browsers provides complete protection against fingerprinting. In DNS rebinding attacks, the browser only communicates with the target domain and not with other domains. HTTP Strict Transport Security $($HSTS$)$ helps protect against protocol downgrade attacks.