Security Headers setup recommendations

Hi,
I would like to configure the Security Headers settings in W3TC > Performance > Browser Cache. I cannot find a guide with recommended settings online, not even on the BoldGrid website. I found a few posts stating that W3TC Security Headers is causing problems on their site.

One online guide to W3TC settings that I have followed for configuration of other sections has no settings recommendations for the Security Headers, only states it is easier to use the HTTP Headers plugin. I researched this plugin and found many posts of people having problems with this plugin so I will avoid it.

Could you please let know if it is necessary/recommended to have security headers set up. My sitechecker website test shows as critical issue that my site has missing security headers and lists
– Strict Transport Security HSTS Policy
– X-Content-Type-Options
– Content-Security-Policy (CSP) header, and
– X Frame Options Header (But I read online I should not use it and should use the CSP header frame-ancestory directive instead, see https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options. There was also a topic posted to BoldGrid about this).

If necessary to setup Security Headers, could you please let me know which settings are recommended or provide a link to a setup guide I can use? There are so many fields in the setup and I have no idea how to configure them. Researching each one would take too long.

Thanks!