The jailshell accounts mean that those users will be able to login to a fairly restrictive but still useful shell account via SSH (firewall and maybe other settings permitting).
The "noshell" ones are more secure as it's one less way in to the server. However, the "jailshell" is pretty secure. If you want to limit the ways in to the server and the possibility of someone doing something silly, it's best to disable it.
As for making the default "noshell", it's in WHM somewhere. I haven't used WHM for years so don't remember, just poke around till you find it, or look in the manual. (or someone else can tell you on here).