Western Governors University (WGU) ITAS6291 D488 Cybersecurity Architecture and Engineering Practice Exam

SHA-1 (Secure Hash Algorithm 1) was indeed the NIST standard that was replaced in 2005 due to identified vulnerabilities. SHA-1 was widely used for many security applications, including SSL certificates and digital signatures. However, over the years, cryptanalysts discovered weaknesses in its design that made it susceptible to collision attacks, where two different inputs could produce the same hash output. This was particularly problematic because it undermined the integrity assurance that hashing algorithms are supposed to provide.

The release of attacks demonstrating practical ways to exploit these vulnerabilities prompted NIST to recommend stronger alternatives, leading to the adoption of SHA-256 and later SHA-3 as more secure hashing standards. SHA-256 is part of the SHA-2 family, which addresses the security flaws found in SHA-1. Conversely, MD5 and SHA-3 are either outdated and less secure (in the case of MD5) or a newer standard (SHA-3) that was developed after SHA-1’s vulnerabilities were recognized. Thus, the historical context and progression of hashing algorithms underlines why SHA-1 is the correct answer, reflecting its status as the deprecated NIST standard.