Technical Lab: Configure caching
Questionsβ
Question 1 β Multiple Choiceβ
A development team uses Azure CDN to distribute static assets from a global web application. The team notices that file updates take time to propagate to end users, even after deployment. The responsible engineer decides to force cache expiration without changing the file URLs.
Which mechanism should be used to achieve this goal directly at the CDN level?
A) Change the Cache-Control: max-age value on the origin server to zero and wait for natural expiration
B) Execute a purge (forced cleanup) of cached content in the CDN POPs
C) Temporarily disable the CDN endpoint and reactivate it after deployment
D) Configure a routing rule that redirects traffic directly to the origin
Question 2 β Technical Scenarioβ
An engineer configures Azure Front Door with caching enabled for a REST API. After deployment, he notices that responses from different authenticated users are being delivered cross-wise, meaning user A receives cached content generated for user B.
The relevant configuration snippet is:
{
"cacheConfiguration": {
"queryStringCachingBehavior": "IgnoreQueryString",
"dynamicCompression": "Enabled",
"cacheDuration": "1.12:00:00"
}
}
What is the most likely cause of this behavior?
A) The cacheDuration value is too high, causing expired tokens to be delivered
B) The dynamicCompression option forces the cache to ignore origin response headers
C) Caching is being applied to dynamic content personalized per user, without differentiation by identity in the cache key
D) The IgnoreQueryString behavior causes conflict with routes authenticated by URL parameter
Question 3 β True or Falseβ
Azure CDN, when configured with the Cache-Control: no-store rule in the origin response, ignores this directive and stores the content in cache according to the duration configured in the CDN profile rules.
True or False?
Question 4 β Technical Scenarioβ
A company uses Azure Front Door Premium to distribute an application that serves both static content and dynamic API responses. The team wants Front Door to cache static pages, but never store responses from /api/* endpoints.
Which approach implements this requirement correctly and sustainably?
A) Disable caching globally in the Front Door profile and use Expires headers at the origin for static assets
B) Create separate routing rules: one with caching enabled for static paths and another with caching disabled for /api/*
C) Configure queryStringCachingBehavior as UseQueryString on API endpoints to prevent caching
D) Set cacheDuration as 00:00:01 for dynamic endpoints, reducing TTL to operational minimum
Question 5 β Multiple Choiceβ
An architect compares caching behavior between Azure CDN Standard from Microsoft and Azure Front Door to decide which to use in a scenario requiring granular cache key control by custom HTTP header.
Which statement correctly describes the capacity difference between the two services in this aspect?
A) Both services support creating cache keys based on custom HTTP headers with the same granularity
B) Azure CDN Standard from Microsoft does not support cache key customization by HTTP header; Azure Front Door offers this capability via Routing Rules
C) Azure Front Door does not support cache variation by HTTP header; only by query string and HTTP method
D) Cache key customization by HTTP header is only available in Azure CDN from Verizon Premium, not in Front Door
Answer Key and Explanationsβ
Answer Key β Question 1β
Answer: B
Purge is the specific mechanism to invalidate content stored in CDN POPs (Points of Presence) without depending on natural TTL expiration. It acts directly on the distributed cache, forcing the next request to fetch updated content from the origin.
Alternative A describes a valid strategy for new requests, but depends on existing cache expiration, which can take hours or days. Changing max-age to zero does not remove content already stored in POPs. Alternatives C and D represent routing infrastructure interventions that have no direct effect on cached content and introduce unnecessary operational impact.
Answer Key β Question 2β
Answer: C
The central problem is that caching is being applied to user-personalized responses without user identity being part of the cache key. By default, Azure Front Door builds the cache key based on URL and, as configured, query string behavior. If authentication is based on cookie or Authorization header, these values do not integrate into the cache key by default, causing responses from different users to share the same cache entry.
Alternative A is incorrect because cacheDuration controls cache lifetime, not segregation between users. Alternative B is incorrect because dynamicCompression acts on payload compression, without interfering with cache key logic. Alternative D is partially plausible, but IgnoreQueryString alone does not cause the described leakage when authentication does not depend on query string.
Answer Key β Question 3β
Answer: False
Azure CDN respects the Cache-Control: no-store directive when sent by the origin. Content marked with no-store is not cached by POPs, regardless of duration settings defined in the CDN profile. The origin directive takes precedence over profile cache rules when cache behavior is configured as Honor origin or equivalent.
This is a common misconception: believing that CDN profile rules always override origin headers. In practice, behavior depends on the configured cache mode. Only when the mode is set to Override do profile settings ignore origin headers.
Answer Key β Question 4β
Answer: B
Azure Front Door allows creating multiple routing rules with path pattern matching. The correct approach is to create a rule for static paths with caching enabled and a specific rule for /api/* with caching explicitly disabled. This model is sustainable because control is declarative, centralized, and does not depend on origin behavior.
Alternative A is unfeasible because disabling caching globally eliminates the benefit for static content. Alternative C is a conceptual mistake: UseQueryString varies the cache key by query string, but does not prevent response storage. Alternative D is technically incorrect as a security solution: a one-second TTL still allows responses to be cached and delivered, which can be problematic for sensitive or real-time data.
Answer Key β Question 5β
Answer: B
Azure CDN Standard from Microsoft has more limited cache key customization capabilities compared to Azure Front Door. Front Door, through its Routing Rules mechanism (Rules Engine), allows including specific HTTP headers in cache key composition, enabling response variations by custom header.
Alternative A is incorrect because the two services do not have parity in this aspect. Alternative C reverses reality: it is exactly Front Door that offers this capability. Alternative D confuses product layers: CDN from Verizon Premium had its own more advanced Rules Engine in previous versions, but the statement incorrectly denies Front Door's capability, which does not correspond to the current service architecture.