Security levels are assigned by the administrator who is adding the user. There are four levels by default and additional levels can be composed as necessary.
Reader - Has read-only access to the Web site.
Contributor - Can add content to existing document libraries and lists.
Web Designer - Can create lists and document libraries and customize pages in the Web site.
Administrator - Has full control of the Web site.