Whenever I reset these Juniper SRX firewall to its "factory-defaults", they are always pre-configured with specific settings which is explained in the below factory default for a Juniper SRX220 firewall.
# Specific DNS servers
set system name-server 208.67.222.222
set system name-server 208.67.220.220
# VLAN 0 configured with web management enabled
set system services web-management http interface vlan.0
set system services web-management https system-generated-certificate
set system services web-management https interface vlan.0
# DHCP service enable for 19.168.1.0/24
set system services dhcp router 192.168.1.1
set system services dhcp pool 192.168.1.0/24 address-range low 192.168.1.2
set system services dhcp pool 192.168.1.0/24 address-range high 192.168.1.254
set system services dhcp propagate-settings ge-0/0/0.0
# Untrust Zone enabled, default IDS protection and mapped to the first interface
set security zones security-zone untrust interfaces ge-0/0/0.0 ...
set security zones security-zone untrust screen untrust-screen
set security screen ids-option untrust-screen ...
# Security policy permit from Trust to Untrust
set security policies from-zone trust to-zone untrust policy trust-to-untrust match source-address any
set security policies from-zone trust to-zone untrust policy trust-to-untrust match destination-address any
set security policies from-zone trust to-zone untrust policy trust-to-untrust match application any
set security policies from-zone trust to-zone untrust policy trust-to-untrust then permit
# NATting from Trust Zone to Untrust Zone
set security nat source rule-set trust-to-untrust from zone trust
set security nat source rule-set trust-to-untrust to zone untrust
set security nat source rule-set trust-to-untrust rule source-nat-rule match source-address 0.0.0.0/0
set security nat source rule-set trust-to-untrust rule source-nat-rule then source-nat interface
# All other interfaces configured as ethernet switch ports and member of VLAN0
set vlans vlan-trust vlan-id 3
set vlans vlan-trust l3-interface vlan.0
set interfaces vlan unit 0 family inet address 192.168.1.1/24
set interfaces ge-0/0/1 unit 0 family ethernet-switching vlan members vlan-trust
set interfaces ge-0/0/2 unit 0 family ethernet-switching vlan members vlan-trust
set interfaces ge-0/0/3 unit 0 family ethernet-switching vlan members vlan-trust
set interfaces ge-0/0/4 unit 0 family ethernet-switching vlan members vlan-trust
set interfaces ge-0/0/5 unit 0 family ethernet-switching vlan members vlan-trust
set interfaces ge-0/0/6 unit 0 family ethernet-switching vlan members vlan-trust
set interfaces ge-0/0/7 unit 0 family ethernet-switching vlan members vlan-trust
Sometimes, we plan to deploy these firewalls other than this scenario. Below are the set of commands to clear these defaults and set the firewall to a pristine configuration retaining only the "root" password.
# These commands will clear SRX220 factory settings
delete system autoinstallation
delete system name-server 208.67.222.222
delete system name-server 208.67.220.220
delete system services telnet
delete system services xnm-clear-text
delete system services web-management http
delete system services web-management https interface vlan.0
delete system services dhcp router 192.168.1.1
delete system services dhcp pool 192.168.1.0/24
delete system services dhcp propagate-settings ge-0/0/0.0
delete interfaces ge-0/0/0
delete interfaces ge-0/0/1
delete interfaces ge-0/0/2
delete interfaces ge-0/0/3
delete interfaces ge-0/0/4
delete interfaces ge-0/0/5
delete interfaces ge-0/0/6
delete interfaces ge-0/0/7
delete protocols stp
delete vlans
delete interfaces vlan
delete security
Hope this helps!