HKLM\System\CurrentControlSet\Control\Cryptography\Configuration\Local\SSL\00010002 Functions This controls the preferred order and what is acceptable when the transport security is negotiatedīetween server/webserver and client/browser. In order to direct how the transport security is negotiated in this more granular level, they will also need to look at the content and ordering of the Functions list. This is not fully covered in that answer.
The linked article is a very good description for how to enable and disable cipher suites like SSL 2.0 etc, but SH's pen test comments posted are also concerned about the mode of operation of the ciphers used - specifically about removing the use of CBC (Cipherīlock Chaining) and using Counter (CTR) or Galois Counter (GCM). While not 'incorrect' Steven's answer is incomplete.