I do not know if this is a false positive or not but i had done my initial scans across my domain servers and found old cipher suites still active. I went ahead and removed them from registry and anywhere else i could find but they still show as enable with scanning. The main one i am concerned with is SSL/TSL SWEET32 vulnerability. I have disabled all SSL and TLS1.0/1.1 as well as the associated ciphers such as Triple DES and RC4, yet the scan still comes up with these entries along with medium entries saying TLS1.0/1.1 are still open.