What is best recommended for STP?
1. Ra#(config)spanning-tree vlan 5 root primary
(It will cause priority 8212)
Any switch with low priority can take over root switch status.
root guard needs to be configured to prevent it.
2. Ra#(config)spanning-tree vlan 5 priority 0
More capability when setting the priority for switch. You can even put the priority 0. But any rogue switch with priority 0 and lower mac address can take root switch status again.
So anyway root guard should be configured.
As i understood,
In normal situation all switches has priority 32678. So you can control both with root and primary command. In case of security you must put root guard option of stp, to prevent an malicious attack. Because switch with priority below the 32678 means- misconfiguration or stp attack!