One of two types of groups in Microsoft Windows 2000 that are created and stored in Active Directory; the other is distribution groups. Security groups are used for grouping accounts and for controlling access to resources, much in the same way that global groups and local groups are used in Microsoft Windows NT–based networks. (In other words, all groups in Windows NT are security groups.) Security groups are security principals that can contain other security principals such as user, group, and computer objects from Active Directory.
Security groups come in three types: