Not using 'deny by default' could lead to unauthorized access to the IoT Hub.
In Azure Console -
In Terraform -
References:https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/iot_security_solution#ip_filter_deny_all