Which instruction belongs in documented procedures to inspect devices for tampering or substitution?

This question focuses on the need for a clear, repeatable process to verify the physical integrity of payment devices. The right instruction is to inspect device surfaces for tampering and substitution because that direct, observable action helps detect if a device has been altered or replaced by an attacker. Regular surface inspections (and looking for signs like broken seals, unusual wear, or mismatched components) are a practical way to catch tampering early and protect cardholder data. Other options don’t fit: replacing devices monthly regardless of condition wastes resources and doesn’t verify security; ignoring changes to device serial numbers misses a key indicator of substitution; skipping inspections undermines the purpose of having documented procedures for tamper detection.