Those are more robust and interesting systems than in-game anti-cheat. Meat and potatoes type of thing.
Now client-side prediction (CSP) is in a way a performance optimization. It increases client side responsiveness. Depends on the implementation though. Each studio/game will have its own interpretation and implementation.
The best reference to it in UE5 is the character movement component. The docs do a good job of laying it all out.
Cyber security wise there’s network encryption to mitigate man-in-the-middle attacks (MiTM)… UE5 → DTLS and AES-GCM.
AGameNetworkManager handles game-specific networking management such as cheat detection (speed hacking), bandwidth management, etc.
Splitting server code from client code. Mainly this is creating modules of classes that will only ship with server builds. Great forum thread covering this.
Outside of this it’s down to your code base logic flow. For example firing a weapon should have flow logic on the client that determines if the event/action can occur at the moment of input. If so the action is executed and an RPC is sent to the server. The server should also run the exact same logic to determine on its own given the current state of the game if the action can occur. If so, do it and deduct ammo. Otherwise do nothing.
e.g. Left mouse input to fire → Is there a weapon equipped, does it have ammo, am I in a state that allows firing of weapons etc etc etc. The server should run the exact same logic.