What feature can secure a switch interface against a rogue switch running STP?

The feature that secures a switch interface against a rogue switch running Spanning Tree Protocol (STP) is BPDU protection. This feature is designed to prevent the reception of Bridge Protocol Data Units (BPDUs) on interfaces configured as edge ports.

When BPDU protection is enabled on an interface, if any BPDUs are received on that port, the interface is automatically placed into an err-disabled state. This effectively secures the interface from being affected by a rogue switch that might be trying to send BPDUs and disrupt the existing topology. By preventing any BPDUs from being processed on ports that are intended to connect only to end devices, BPDU protection helps maintain the integrity of the Ethernet network and ensures that legitimate end-user devices remain operational without interference from improperly configured switches or malicious devices.

Other features mentioned, such as edge protection, rogue protection, and root protection, serve different purposes in the context of network security and topology management. Edge protection deals with ensuring that edge ports do not participate in STP, rogue protection typically refers to measures against unauthorized devices, and root protection is geared towards preventing unauthorized switches from becoming the root bridge in a spanning tree topology. Each of these features has its own specific function but does not specifically