The three protection levels in IIS are as follows:
Low (IIS process): This setting is similar to the default settings under IIS 4.0. All web pages, whether it is HTM or ASP, run in the INetInfo.exe process.
Medium (pool): This is the default setting. As in IIS 4.0, this setting starts a separate process of DLLHOST.exe, all ASP and COM components run within that process. This process is launched by the IWAM_MACHINE account, which is also the same as IIS 4.0. In addition, this setting is also referred to as a pool because all Web sites running in IIS share this DLLHOST.exe process when performing an ASP page. Note that Windows 2000 replaces MTX.exe with DLLHost.exe.
High (independent): This setting launches a dedicated DLLHOST.EXE process for each web site or application. If there are 5 Web sites, each site's protection level is set to "High", there will be six DLLHOST.EXE processes: five DLLHOST.EXE processes and an additional dllhost.exe process, which is incremented by COM Launched under the system application.
