I tried looking for this in the javadocs and online but couldn't find a definitive answer. The answer by Dan Dyer in

How to solve performance problem with Java SecureRandom?

Seems to suggest SHA1PRNG does not use any system resources for entropy. Is this correct?

No, in the default Oracle implementation it uses system resources, unless you seed it before calling nextBytes(). From the Sun/Oracle documentation of SecureRandom:

The SecureRandom implementation attempts to completely randomize the internal state of the generator itself unless the caller follows the call to a getInstance method with a call to the setSeed method:

 SecureRandom random = SecureRandom.getInstance("SHA1PRNG");
 random.setSeed(seed);