Hi
It's easy with IIS Crypto to disable it, else it's in the registry;
HKLM SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS1.0\Server
(DWORD) DisabledByDefault:=1
IIS Crypto would do the same, so I recommend of using it.
To disable port 80 it's your choice. I found it handy to have it open as you need port 80 if you want to do a redirect (HTTP->HTTPS) to the port 443 for HTTPS.
Thanks
Philippe