I was aware of what contained databases are...
At first I thought this was a trick question, because if you can't use AD credentials against a contained database then what good are they? After all the best practices recommendation is to use Windows authentication for everything SQL related.
Then I was like, ok so if it's a trick question, why would anybody want to use this? And then I was like, why in the world would you be able to only use groups or users but not both?
Finally I went with my original answer and got it right 🙂 Yay me?