What are some best practices that should be followed when installing IIS Web Server?

What will be an ideal response?

The following best practices should be considered when installing IIS:
* Set the firewall on your network or server (or both) to block unneeded applications (and to close unused TCP and UDP communication ports), focusing on allowing primarily HTTP and HTTPS.
* Place the web server in a demilitarized zone.
* Use only those applications and services that are necessary on the web server, this includes omitting use of FTP services and applications, if FTP is not needed.
* Keep current with security patches to Windows Server 2016, IIS, and the applications on the web server.
* Keep logs of all user activity and regularly monitor those logs.
* Consider installing traps (sometimes called "honey pots") to help identify attacks when they occur.
* Install and regularly use scanning, malware, and intrusion detection software.