One of my favorite all-around Nmap commands is:
sudo nmap -Pn -sS -sV -O -A --script=vuln --reason --traceroute -p- -T4 192.168.1.10
It skips host discovery (-Pn), performs a SYN scan (-sS), scans every TCP port (-p-), detects service versions (-sV), attempts OS fingerprinting (-O), enables advanced detection (-A), runs the vulnerability NSE scripts (--script=vuln), explains why ports are in each state (--reason), and even traces the route to the target (--traceroute).
It's not a command I'd run casually against every host, but it's a great example of how much information Nmap can gather in a single scan when you're performing an authorized security assessment.
Nessus
"The worm knows"