For IIS7...

In order to disable SSL 2.0 and SSL 3.0 in IIS 7 and make sure that the stronger TLS 1.0 is used, follow these instructions:

1. Click Start, click Run, type regedit, and then click OK.
2. In Registry Editor, locate the following registry key/folder: HKey_Local_Machine\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols
3. Right-click on the SSL 2.0 folder and select New and then click Key. Name the new folder Server.
4. Inside the Server folder, click the Edit menu, select New, and click DWORD (32-bit) Value.
5. Enter Enabled as the name and hit Enter.
6. Ensure that it shows 0x00000000 (0) under the Data column (it should by default). If it doesn't, right-click and select Modify and enter 0 as the Value data.
7. Now to disable SSL 3.0, right-click on the SSL 3.0 folder and select New and then click Key. Name the new folder Server.
8. Inside the Server folder, click the Edit menu, select New, and click DWORD (32-bit) Value.
9. Enter Enabled as the name and hit Enter. Ensure that it shows 0x00000000 (0) under the Data column (it should by default). If it doesn't, right-click and select Modify and enter 0 as the Value data.
10. Restart the computer.
11. Verify that no SSL 2.0 or SSL 3.0 ciphers are available: http://www.serversniff.net/content.php?do=ssl

Reference: https://www.sslshopper.com/article-how-to-disable-ssl-2.0-in-iis-7.html

Also see: https://serverfault.com/questions/637207/on-iis-how-do-i-patch-the-ssl-3-0-poodle-vulnerability-cve-2014-3566

I use the free tool IIS Crypto which is available both as a GUI and command line version. It is much easier than modifying the registry.

Ideally, just three clicks, (open program, select Best Pratices and Apply. You still have to restart the server.