Before to decide what to be enabled and disabled, you need to know what your current server setup is, as below:
1. Go to https://www.ssllabs.com/ssltest/analyze.html
2. Enter your domain into "Domain name" field: eg: vpasp.com, then click Submit button to scan your site.
3. After scanning, locate Configuration section:
3a. SSL 3 must be disabled as it is the requirement of the PCI
3b. TLS 1.0 is adviced to be enabled, as most of the ASP XML component is still using TLS 1.0 for hand shaking
3c. TLS 1.2 must be enabled by the requirement of the PCI
Note: If you have above setup, your protocol support section should be score at least A-
You can refer to https://technet.microsoft.com/en-us/library/dn786418.aspx on how to Enable/Disable Cipher protocol