Security settings are maintained in the permissions table inside the database.   When you copy the live database to the Test and Learn database, security settings are copied as well.   This is typically done to ensure that information that is not to be seen by all staff continues to be private in the Test and Learn database as well.  

For example, if anonymity information, payroll information or certain notepad letters in profiles are considered information only one person has access to, you should have the same level of protection available in a copy of the database as you would in the original.   However, if you are doing a project and need access to tools, file maintenance items or reports that might be closed off to you in the live database, you can change the security settings in the test and learn database and these new settings will be retained until the database is overwritten by the live database.   In this case, it is important to coordinate your activities with the person who copies the live data to Test and Learn.