The user will be able to run the queries, but they will get 0 results unless you specifically grant them access to the specified table.
eg. SELECT * FROM sys.tables
will return 0 results for any new user without any permissions other than CONNECT or the public database role (as long as that role has no other permissions granted to it).