I have done this a few times. Its a pain to figure out the first time. Basically, there is a .net command line tool that you can use to encrypt sections of a web.config file.
Now, you have to encrypt the file on the pc/server it will reside on. This is because the encryption is done using keys specific to that machine. This makes it a pain because the web.config file will be different on your local pc and on the server.
Because of this I recommend first moving the connection strings into a separate config file. This way you can move that file to the server when ready and encrypt that file only. You can continue to make changes to the web.config file and deploy with out undoing your encryption.
It will look something like this in the web.config file to point to a separate file for connection string.
<connectionStrings configSource="ConnectionStrings.config">
Article to move connection strings to a separate file:
ASP.NET MVC: Keep Private Settings Out of Source Control | John Atten[
^]
To encrypt web.config file
How to: Encrypt a web.config File[
^]
Good luck!