User activities combine web categories, file types, and URL groups in one container. You can include user activities in policies to control access to websites or files that match any of the criteria specified.
Combining categories and URL groups in a user activity
The following user activity combines the spyware and malware web category with a group of URLs that are known to be unsafe.
The user activity is added to the default policy. If the traffic matches either the spyware and malware category or any of the URLs specified, the user activity applies and the traffic is blocked.