What is the first step in deploying Identity Awareness?

The correct answer is C. The first step is to enable Identity Awareness on the relevant Security Gateway or cluster object in SmartConsole. Only after enabling the blade does the administrator configure the identity sources and identity-sharing behavior required by the environment. Option B is logically next, but not first, because source configuration depends on enabling Identity Awareness on the enforcement component. Option A, publishing session changes, is necessary after making configuration changes, but it is not the first deployment step. Option D, installing policy, occurs after the blade and policy elements are configured and published. The proper workflow is: enable Identity Awareness on the gateway, configure identity sources such as AD Query, Identity Collector, Browser-Based Authentication, RADIUS Accounting, or Identity Web API, create Access Role objects, use them in policy, publish, and install policy. Reference topics: Identity Awareness deployment, enabling Identity Awareness, identity sources, Access Roles.