The IIS Lockdown tool reduces the attack surface of IIS-dependent Microsoft products by disabling unnecessary features, such as FTP, SMTP, and NNTP. NOTE: The IIS Lockdown automates many of the hardening steps listed in this document. The default settings for IIS 6.0 should not require hardening. NOTE: Nessus did not perform this check as it requires manual verification the system has been hardened by the IIS Lockdown tool. NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.