Which statements are true

Phishing attacks are only successful against users who are not familiar with basic internet and web security principles.

HTTP Basic Authentication is considered less secure than form$-$based authentication because the credentials are transmitted in clear text.

HTTPS encryption can help to protect against XSS attacks.

Cross$-$Site Scripting attacks may be countered by validating user input on the client side and the server side and by encoding special characters to prevent them from being interpreted as code.of the below statements are correct

The domain attribute on cookies can be set to the top$-$level domain to ensure maximum compatibility with all browsers without affecting the risk of XSS attacks.

The use of HTTPS encryption provides complete protection against Cross$-$Site Scripting attacks.

The use of VPNs and proxy servers can make it more difficult for websites to fingerprint users.

HTTP Strict Transport Security $($HSTS$)$ is a mechanism that forces the browser to only communicate with a website over HTTPS$.$