Best practice for systems running IIS, part of Hardening IIS:
Manual verification
For each of the following keys, ensure that the Enabled value is 0. Note that an absent key or value is not the same as disabled: it means the Schannel default applies, and on older Windows Server releases that default leaves RC4 enabled. REG QUERY reports an error for a key that does not exist, so treat that result as "default in effect" and set the value explicitly rather than counting absence as compliant.
REG QUERY "HKLM\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 40/128" /v "Enabled"
REG QUERY "HKLM\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 56/128" /v "Enabled"
REG QUERY "HKLM\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 64/128" /v "Enabled"
REG QUERY "HKLM\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 128/128" /v "Enabled"
Implement Recommended Configuration
Set the registry keys (from an elevated command prompt; Schannel reads these keys at boot, so reboot afterwards for the change to take effect):
REG ADD "HKLM\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 40/128" /f /v "Enabled" /t REG_DWORD /d 0x0
REG ADD "HKLM\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 56/128" /f /v "Enabled" /t REG_DWORD /d 0x0
REG ADD "HKLM\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 64/128" /f /v "Enabled" /t REG_DWORD /d 0x0
REG ADD "HKLM\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 128/128" /f /v "Enabled" /t REG_DWORD /d 0x0
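The verification and remediation steps above, combined into one script as an added example (this is not code from the original page or from any vendor). It reports each RC4 key as absent, present-but-unset, disabled or enabled, and with the assumed -Remediate switch creates the key and writes Enabled = 0. It deliberately uses the .NET Microsoft.Win32.RegistryKey API instead of New-Item/Set-ItemProperty, because the PowerShell registry provider treats the "/" in names such as "RC4 40/128" as a path separator and cannot address these keys. Run it from an elevated PowerShell session.

```powershell
# Added example: audit and (optionally) disable the four Schannel RC4 cipher keys.
# The -Remediate switch and the output format are this example's own assumptions.
param([switch]$Remediate)

$base    = 'SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers'
$rc4Keys = 'RC4 40/128', 'RC4 56/128', 'RC4 64/128', 'RC4 128/128'

# Open the 64-bit registry view explicitly so a 32-bit host process is not
# silently redirected to WOW6432Node.
$hklm = [Microsoft.Win32.RegistryKey]::OpenBaseKey(
    [Microsoft.Win32.RegistryHive]::LocalMachine,
    [Microsoft.Win32.RegistryView]::Registry64)

foreach ($name in $rc4Keys) {
    $path = "$base\$name"
    # Open writable only when remediating; OpenSubKey returns $null if the key is absent.
    $key = $hklm.OpenSubKey($path, [bool]$Remediate)

    if ($null -eq $key) {
        $state = 'absent (Schannel default applies)'
    } else {
        $enabled = $key.GetValue('Enabled', $null)
        $state = if ($null -eq $enabled) { 'key present, no Enabled value (default applies)' }
                 elseif ($enabled -eq 0)  { 'disabled (Enabled = 0)' }
                 else                     { 'ENABLED (Enabled = 0x{0:X})' -f $enabled }
    }
    Write-Output ('{0,-12} {1}' -f $name, $state)

    if ($Remediate) {
        if ($null -eq $key) { $key = $hklm.CreateSubKey($path) }
        $key.SetValue('Enabled', 0, [Microsoft.Win32.RegistryValueKind]::DWord)
        Write-Output ('{0,-12} -> Enabled set to 0 (reboot required)' -f $name)
    }
    if ($key) { $key.Close() }
}
$hklm.Close()
```

Run it without arguments to audit, and with -Remediate to apply the setting. After the reboot, confirm the result from the outside with a TLS scanner (for example nmap's ssl-enum-ciphers script) rather than trusting the registry alone, since the effective cipher list is what an attacker sees.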
Use IIS Crypto
IIS Crypto is a free tool that gives administrators the ability to enable or disable protocols, ciphers, hashes and key exchange algorithms on Windows Server 2008, 2012 and 2016. It also lets you reorder SSL/TLS cipher suites offered by IIS, implement best practices with a single click, create custom templates and test your website.
Nessus audit file check
<custom_item>
  type        : REGISTRY_SETTING
  description : "IIS800037:Disable Weak Cipher Suites - 'HKLM\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 40/128\Enabled = 0':IIS8"
  value_type  : POLICY_DWORD
  reg_key     : "HKLM\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 40/128"
  reg_item    : "Enabled"
  value_data  : 0
  reg_option  : CAN_BE_NULL
</custom_item>

<custom_item>
  type        : REGISTRY_SETTING
  description : "IIS800038:Disable Weak Cipher Suites - 'HKLM\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 56/128\Enabled = 0':IIS8"
  value_type  : POLICY_DWORD
  reg_key     : "HKLM\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 56/128"
  reg_item    : "Enabled"
  value_data  : 0
  reg_option  : CAN_BE_NULL
</custom_item>

<custom_item>
  type        : REGISTRY_SETTING
  description : "IIS800039:Disable Weak Cipher Suites - 'HKLM\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 64/128\Enabled = 0':IIS8"
  value_type  : POLICY_DWORD
  reg_key     : "HKLM\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 64/128"
  reg_item    : "Enabled"
  value_data  : 0
  reg_option  : CAN_BE_NULL
</custom_item>

<custom_item>
  type        : REGISTRY_SETTING
  description : "IIS800040:Disable Weak Cipher Suites - 'HKLM\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 128/128\Enabled = 0':IIS8"
  value_type  : POLICY_DWORD
  reg_key     : "HKLM\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 128/128"
  reg_item    : "Enabled"
  value_data  : 0
  reg_option  : CAN_BE_NULL
</custom_item>