I’m not certain why SSL 2.0 isn’t disabled on Windows Server 2008 by default, but here is the KB article to remember to do that on your system.
How to test if you accept SSL 2.0 using IE is go to Internet options > Advanced > Under Security. Toggle the various levels. Uncheck everything and leave 2.0 checked, which I think in IE8 is turned off by default. It took me a couple tries to understand the concept after disabling SSL 2.0 on my IIS 7 server. This is one necessary item for PCI compliance among many others. 🙂