1: Am I right in assuming that the server that SEP is installed on is protected as well? How do I set up scans etc on the server?
Ans: Yes, We need SEP on the server as well to keep it protected.If it is managed, you can set up scans from the SEPM>policies>Antivirus and Antispyware policy.And if it is unmanaged you can go in SEP>>scan for threats and create a new scan.
2. Once I have installed the clients, if I make a change - say for example imposing password protection on their clients, - do I need to reinstall the clients, or will this change get passed out to them automatically?
Ans: No,you dont have to reinstall the lcient.Any policy changes that you make will get propogated to the client in short time say 5 mins.
3. I notice that there are somoe install packages automatically created for me under Admin > Client Install packages. Can I simply use these?
Ans: Yes, if you push client install from the SEPM, those packages will be used.
...Barkha