A script to have handy to tell you which schannel protocols are enabled / disabled for PCI or certificate compliance.
$path="HKLM://SYSTEM/CurrentControlSet/Control/SecurityProviders/Schannel/Protocols" Push-LocationSet-Location-Path$pathGet-ChildItem . |Select-Object@{ Name="Protocol" Expression={Split-Path$_.PSPath -leaf}},@{ Name="Client Enabled" Expression={(Get-ItemProperty-Path(Join-Path$_.PSPath 'Client')-ErrorAction silentlycontinue).Enabled}},@{ Name="Client DisabledByDefault" Expression={(Get-ItemProperty-Path(Join-Path$_.PSPath 'Client')-ErrorAction silentlycontinue).DisabledByDefault}},@{ Name="Server Enabled" Expression={(Get-ItemProperty-Path(Join-Path$_.PSPath 'Server')-ErrorAction silentlycontinue).Enabled}},@{ Name="Server DisabledByDefault" Expression={(Get-ItemProperty-Path(Join-Path$_.PSPath 'Server')-ErrorAction silentlycontinue).DisabledByDefault}}|ft-autosizePop-Location |