It is a good practice to encrypt your Web.config file if you have sensitive information there, for example a connection string with password.
With the ASP.NET IIS Registration tool (Aspnet_regiis.exe) you can easily encrypt specific sections of Web.config file. A command with elevated privileges is...