Which is the best security WordPress plugins

i guess it depends on your idea of security. WordPress is one of the most commonly used platforms which makes it an easy target for attackers. Leaving your security up to plugins only is already a mistake unless its at the server level and not the site level. Meaning, if your only securing your wordpress install and not your entire hosting space then you are vulnerable. Both of the options you provided will work just fine but the back end is mainly what needs work.

If you are on a vps and have root access then have protocols and firewall setup is key. if you are on shared hosting you can't do much at a server level which is unfortunate. My biggest suggestion is not using the standard wp-admin login folder format. Change that up hving a custom admin folder is one of the most important. dont use words for the folder either. use random characters (efe516f16f51) or something like that makes it a little harder to find but still easy to search with a simple dirbuster scan. the idea is to not be 100% secure (Almost not possible) but to make it to much work that the attacker moves on to something more simple.

and to be honest, is your site even getting that much traffic that it is on someones radard? probably not.