We have a fairly complete list, which is discussed in the "Exchange Stack Security" section here and here .
Discovery
The purpose of this step is to identify systems within the scope and services used. It is not intended to detect vulnerabilities, but version detection may indicate outdated versions of software / firmware and, thus, indicate potential vulnerabilities.
Vulnerability Scan
, . . , , (, ).
. , , .
, , . , , , .. , , .
. . , . , , , , / . , .
Audit/Risk, . , ( , , ).
, . , , / . ( , , , )