1. Not by default. You can enable the caching of NTLM authenticated objects with the command:
http cache-authenticated ntlm
2. Yes. Note that you need to configure the following command on the child CE:
http append x-forwarded-for-header
This is because the parent CE (which is configured for authentication) uses the client's IP address a the key for the credentials in the authentication cache.
I would recommend you read the following reference material: