From the looks of it, your screenshots appear to represent an enterprise geodatabase stored in SQL Server. You also appear to be using the DBO schema rather than the SDE schema.
Have a look at this Esri help resource to learn more about user permissions for SQL Server geodatabases:
The level of permissions that a user has (u1, u2, etc.) within the database depends on what you grant to begin with. Sometimes you may grant specific permissions such as GRANT INSERT, UPDATE, DELETE, SELECT to u1 on 'TABLE1'; additionally you may wish to simply assign a role to a particular user. A role, such as 'db_owner' or 'db_datareader' has a predefined set of permissions associated with it that you should become familiar with before assigning them to user accounts. These are called Fixed Database Roles, and here is a quick once-over article on what they include: http://msdn.microsoft.com/library/ms189612.aspx. Think of the Fixed Database Roles as 'system permissions' and think of the specific grants I mentioned earlier as 'object permissions'.
So, getting back to your question, if you wish to "ban" other users from being able to perform specific operations you need to understand how the permissions work at the RDBMS level and act accordingly. To prevent exporting of data, I think you would have to simply prevent a user from connecting at all. It is my understanding that, if a user can see the data by being able to CONNECT and view a table via the ArcGIS Desktop tools, then that user can perform an export via ArcMap or ArcCatalog. Modifying domains usually requires administrative privileges to the geodatabase. I believe this would require the DBO user itself or any user who is assigned the 'db_owner' role. The ability to create a feature class would require CREATE TABLE, CREATE PROCEDURE, and CREATE VIEW permissions. I believe the 'db_owner' role would suffice here as well based on the two URLs I provided.
1. Export layers\tables: Mr. Macro has indicated too that this property can�??t be set and thus all users who have �??select�?� property will be able to export layers. At the same time, my business requirement dectates to ban users from being able to export layers while they have other permission granted.
2. Create tables\layers on the enterprise geodatabase
3. Create domains on the enterprise geodatabase
4. Delete tables\layers: this property is set by default and thus all users are not able to delete tables\feature classes
What might be the solution?
1. Any user who has access to an ArcGIS Desktop client (ArcMap, ArcCatalog) will be able to export the data if they have CONNECT and if they have SELECT privileges on the table in question. As I mentioned before, if they can "see" the data then they can export it. To prevent this, either don't give them an ArcGIS Desktop client or develop custom code to restrict specific menu options and buttons within the desktop suite of products based on the role of the user logging in. You can do this with a custom login DLL, but it's a long road to get to this point.
2. To restrict users from creating tables within the geodatabase, ensure the users do not have the CREATE TABLE privilege. As I mentioned before, I believe this can be achieved by the assigning only db_datareader role to the users.
3. Only geodatabase administrators should have the rights to create domains within the SQL Server geodatabase. That being said, if a user only has the db_datareader role then that should prevent them from being able to do this. Alternatively, simply revoking INSERT, UPDATE and DELETE on the SDE tables for a given user should also do the trick.
4. Similar to #2 above... to restrict users from deleting tables within the geodatabase, ensure the users do not have the DROP TABLE privilege. As I mentioned before, I believe this can be achieved by the assigning only db_datareader role to the users.