I have a group of AWS security groups in a single us-east-2 VPC I would like to define with Terraform. There are already many manually configured security groups.

If I create a plan with new configurations will it erase the old service groups? If so is there a way to exclude the existing resources?

1 Answer

Terraform makes every possible attempt to not interfere with anything that it doesn't manage. Normally this would only be things that Terraform has created and has in its state file but this can now also include things created outside of Terraform and then imported into the state file.

If you have a resource that has some form of unique identifier that is configurable by yourself (such as the name of an ELB) Terraform will not realise there is an issue and plan on creating said resource. During the actual apply the provider (such as AWS) should then return an error saying the resource already exists but this is technically down to the provider's API and it's possible that some provider might make that an update instead. In your case you are using AWS and so the AWS API will return an error saying the resource already exists.

If the resource is instead uniquely identified by something outside of your control (such as EC2 instances and indeed security groups) then Terraform would simply create more of that resource and simply tag them the same.

Because Terraform identifies the things it is allowed to manage by its state file, it is very important to look after this state file and make sure that it is always available to anyone/anything that will run Terraform; as such, you should use remote state to allow sharing of these state files.
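The two points in the answer (bringing a manually created security group under Terraform's control by importing it into state, and keeping that state in a shared remote backend) can be expressed in a single configuration. The block below is an added example and is not code from the question, the answer or the Terraform project; the resource name `web`, the bucket and DynamoDB table names, and the `sg-PLACEHOLDER` id are assumptions you would replace with your own values. The `import` block requires Terraform 1.5 or later; on older versions the CLI command in the comment does the same job.

```hcl
terraform {
  required_providers {
    aws = {
      source = "hashicorp/aws"
    }
  }

  # Remote state: the state file lives in S3 and DynamoDB provides a lock,
  # so everyone (and every pipeline) that runs Terraform sees the same
  # record of which security groups Terraform owns.
  # Bucket and table names are placeholders (assumed values).
  backend "s3" {
    bucket         = "example-terraform-state"   # assumed name
    key            = "us-east-2/security-groups/terraform.tfstate"
    region         = "us-east-2"
    dynamodb_table = "example-terraform-locks"   # assumed name
    encrypt        = true
  }
}

provider "aws" {
  region = "us-east-2"
}

# Adopt an existing, manually created security group instead of creating a
# duplicate. Without this, `terraform plan` would show the resource below as
# "will be created" and apply would add a second group with the same tags.
# Equivalent CLI for Terraform < 1.5:
#   terraform import aws_security_group.web sg-PLACEHOLDER
import {
  to = aws_security_group.web
  id = "sg-PLACEHOLDER"   # placeholder: the real group's id from the console/CLI
}

# The configuration must match the group as it exists today. After importing,
# run `terraform plan` and confirm it reports no changes before applying;
# any difference here is drift that apply would reconcile toward this file.
resource "aws_security_group" "web" {
  name        = "web"              # assumed: must equal the existing group's name
  description = "Managed by Terraform"   # assumed: must equal the existing description
  vpc_id      = "vpc-PLACEHOLDER"  # placeholder: the us-east-2 VPC id

  ingress {
    description = "HTTPS from anywhere"
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }

  tags = {
    Name = "web"
  }
}
```

Security groups you leave out of the configuration entirely are untouched: Terraform neither knows about nor deletes anything that is not in its state. The check worth building into the workflow is the plan itself: a resource that shows up as "will be created" when you expected it to already exist means it has not been imported and a duplicate is about to be made, and a resource showing "will be updated in-place" right after an import means the configuration does not yet match what is really deployed.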