What's the goal of csrfMetaTags?

I see in views/layout/main.php file that, in the HTML header, is injected this code

<?= Html::csrfMetaTags() ?>

That is generating, at every page reload, a different token, like the following one

<meta name="csrf-param" content="_csrf">

<meta name="csrf-token" content="RXFWNWU5amN8KzxiMEMyIXUXEXtQcjozKBwPTAQJXRkDADcYLUMmIA==">

Is this to avoid CSRF (aka Sea-surf, aka XSRF) attacks? If yes, is this something that Yii 2 will care about automatically, or must I handle this param/token in someway?