I'm not sure I understand what the "Scan public facing site" option does. Can you explain?
The free version of Wordfence does a full scan of all files on your system. It also scans your database tables including your comments, users table, posts and pages. This is an extremely effective and high performance way to find security vulnerabilities. In general it is far superior compared to remote scans of your site, because remote scans don’t know the location of all your files and don’t have access to your database.
However in some cases it’s useful to scan the final rendered version of your website. For example, if a hacker has managed to craft PHP code that our server scan misses, then the code will usually generate something malicious that appears on the final rendered version of your website. The “public facing” scan will scan the final rendered version of your site and catch this.
As we become aware of hacks like this, we update the server code to catch the intruder. But we include this feature as a backup measure for extra security to make sure that you are given the most comprehensive security scan in the business.