I posted on this topic with an hold handle... but you would need to add a registry key...
From:
https://www.lansweeper.com/forum/yaf_postst15025_Handy-files-or-registry-items-to-scan.aspx#post5106...Make sure TLS 1.0 is disabled on servers:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0
Valuename: Enabled
Value = 0 (Disabled) Value = 1 (Enabled)
Then to start off, you can look at the report - Windows: Registry Scanning results and modify the WHERE clause to add:
WHERE
tblRegistry.regkey like '%HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0%' and tblRegistry.valuename = 'Enabled'