This example is just for securing SNMP. Please note that this single filter is not enough, as it would discard ALL other traffic (SSH, RADIUS, Routing Protocols, ...) and make you device dead, so you need to adapt your RE protection with the help of the mentioned book.
set snmp community "<your SNMP community>" authorization read-only
set snmp community "<your SNMP community>" clients <the IP address which is allowed to query your Router>
set policy-options prefix-list snmp-servers apply-path "snmp community <*> clients <*>"
set firewall family inet filter protect-re term allow-snmp from source-prefix-list snmp-servers
set firewall family inet filter protect-re term allow-snmp from protocol udp
set firewall family inet filter protect-re term allow-snmp from destination-port snmp
set firewall family inet filter protect-re term allow-snmp then accept
set firewall family inet filter protect-re term default-deny then discard