Using security filtering to apply GPOs only to particular groups of users or computers is an extremely powerful capability, and I find that it is typically the lowest level of filtering that the average Group Policy administrator takes in most domains. I would completely understand if you stopped here and did not read this last section of the chapter. However, at some point, you may discover a need to filter the scope of a GPO even further, or perhaps all of this group creation just for the purposes of filtering a GPO sounds like unnecessary work (after all, you do then have to administer those groups and group membership on an ongoing basis).
WMI filters are a way to narrow the focus of your GPO filtering ...