A downlink single-input single-output nonorthogonal multiple access system is considered in which a base station (BS) is communicating with two legitimate users in the presence of an external eavesdropper. A group of trusted cooperative half-duplex relay nodes, powered by the BS, is employed to assist the BS's transmission. The goal is to design relaying schemes such that the legitimate users' secrecy rate region is maximized subject to a total power constraint on the BS and the relays' transmissions. Three relaying schemes are investigated: cooperative jamming, decode-and-forward, and amplify-and-forward. Depending on the scheme, secure beamforming signals are carefully designed for the relay nodes that either diminish the eavesdropper's rate without affecting that of the legitimate users, or increase the legitimate users' rates without increasing that of the eavesdropper. The results show that there is no relaying scheme that fits all conditions; the best relaying scheme depends on the system parameters, namely, the relays' and eavesdropper's distances from the BS, and the number of relays. They also show that the relatively simple cooperative jamming scheme outperforms other schemes when the relays are far from the BS and/or close to the eavesdropper.