Regarding a generic pentest for servers and central software,
a) would you recommend the "OWASP Top 10" profile?
b) Does the "Full scan" includes this OWASP profile and also add extra tests?
c) In other words, are there significant differences between OWASP and a full scan?
a: Yes it is good profile or just use the Best Scan it can check for more things
b: Yes same as best scan. The difference is it do 65k ports where best scan do the 2-3000 most popular ports
c: Full scan will scan for more things so it is recommended or best scan