Does IIS7 have in-built, or available extensions, for responding to scan attempts?
Solution 1:
The Microsoft UrlScan tool is probably a good thing for you to look at. Microsoft does a fairly poor job, IMO, promoting the tool. You can find some good third-party references on it, thought. In a nutshell, it's an add-on to IIS that allows you to create filtering rules for requests and has a logging mechanism adjunct to IIS's own logging. It's a pretty neat tool.
Solution 2:
The Request Filtering Module is a built-in module (installable as an IIS Role Service through Roles in Server Manager) that has rough feature parity with URLScan, but uses the IIS configuration system instead of INI files.
Wade's blog covers a sample dictionary to prevent common SQL Injection attacks.