(ISC)2 Certified in Cybersecurity Practice Exam

SHA-1 produces a hash output that is 160 bits in size. This means that when you apply the SHA-1 hashing algorithm to any input data, the result will always be a fixed size of 160 bits, which is typically represented as a 40-character hexadecimal string. The design of SHA-1 allows it to take variable-length input and produce this standardized output size. Understanding the bit size is crucial in the context of cybersecurity because it directly relates to the security strength of the hash function. A larger hash size generally indicates a more secure hash, as it provides a larger set of potential hash values, making it harder for attackers to successfully perform collision attacks—where two different inputs produce the same hash output. In contrast, the other options refer to different hash functions or sizes. For instance, MD5, another hashing algorithm, provides a 128-bit output, while SHA-256 and SHA-512 yield 256-bit and 512-bit outputs respectively. However, SHA-1 is distinctly identified by its 160-bit output, which is critical for understanding its place and implications in cybersecurity practices.