How can I prevent clickjacking attacks using X-Frame-Options headers?
12:59 23 Aug 2021

Currently, I am assessing the vulnerability of one of the websites, and one of the points I am looking at is how I can protect my website from potential clickjacking attacks.

I am no expert in this domain, but I have a few observations so far:

  1. Missing X-Frame-Options header means that this website could be at risk of a clickjacking attack.
  2. The X-Frame-Options HTTP header field indicates a policy that specifies whether the browser should render the transmitted resource within a frame or an iframe.
  3. Servers can declare this policy in the header of their HTTP responses to prevent clickjacking attacks.

As I said, I am no expert in this field, so I am looking forward to hearing some ideas on how I can use the X-Frame-Options header to prevent clickjacking attacks.

asp.net security iframe x-frame-options clickjacking
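
The three observations in the question, turned into a check that can be run against a response's headers during an assessment. This is an added example, not part of the original post; the function name `framing_policy`, the verdict labels and the sample responses are assumptions made for illustration. It also looks at the Content-Security-Policy `frame-ancestors` directive, which goes beyond the header the question names.

```python
# Added example: classify the anti-framing policy of one HTTP response.
BROAD = {"*", "http:", "https:"}  # frame-ancestors sources that match arbitrary sites

def framing_policy(headers):
    """headers: list of (name, value) pairs, so repeated headers are kept.
    Returns (verdict, reason); verdict is protected, misconfigured or missing."""
    xfo, csp = [], []
    for name, value in headers:
        key = name.strip().lower()
        if key == "x-frame-options":
            # A repeated header is equivalent to one comma-separated value.
            xfo += [v.strip().upper() for v in value.split(",") if v.strip()]
        elif key == "content-security-policy":
            csp.append(value)
    # Check CSP frame-ancestors first: browsers that enforce it use it
    # instead of X-Frame-Options.
    for policy in csp:
        for directive in policy.split(";"):
            parts = directive.split()
            if parts and parts[0].lower() == "frame-ancestors":
                sources = parts[1:] or ["'none'"]  # empty list matches nothing
                if BROAD & {s.lower() for s in sources}:
                    return ("misconfigured", "frame-ancestors allows arbitrary origins")
                return ("protected", "frame-ancestors " + " ".join(sources))
    if not xfo:
        return ("missing", "no X-Frame-Options and no frame-ancestors")
    if len(set(xfo)) > 1:
        return ("misconfigured", "conflicting X-Frame-Options values")
    if xfo[0] in ("DENY", "SAMEORIGIN"):
        return ("protected", "X-Frame-Options " + xfo[0])
    if xfo[0].startswith("ALLOW-FROM"):
        return ("misconfigured", "ALLOW-FROM is obsolete; current browsers ignore it")
    return ("misconfigured", "unrecognised X-Frame-Options value")

# Constructed sample responses (not captured from any real site).
SAMPLES = {
    "no policy": [("Content-Type", "text/html")],
    "same origin": [("X-Frame-Options", "SAMEORIGIN")],
    "obsolete": [("x-frame-options", "ALLOW-FROM https://partner.example")],
    "csp": [("Content-Security-Policy", "default-src 'self'; frame-ancestors 'none'")],
    "conflict": [("X-Frame-Options", "DENY"), ("X-Frame-Options", "SAMEORIGIN")],
}

if __name__ == "__main__":
    for label, hdrs in SAMPLES.items():
        print(f"{label:12} {framing_policy(hdrs)}")
```

Feed it the header pairs from your own site's responses; a "missing" or "misconfigured" verdict on a page with sensitive actions is the case to fix by sending `DENY` or `SAMEORIGIN`.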