How do you create a dedicated forest root domain? I'm familiar with Active Directory and have used dcpromo.exe in 'Advanced Mode' but I'm not sure how to create a dedicated forest root domain.
Whilst I'm here will domain controllers that are a member of a forest still work if their forest was to go offline?
I think you're talking about the "empty root" Active Directory design strategy. This is where you create a forest root domain that, ultimately, has no users or resources in it, and is just used as a parent for child domains containing resources.
To do this, you just create the new forest as you normally would for a new AD deployment using DCPROMO. Then, you create your child domains on your child DCs. There's nothing special you do during the creation of the forest root domain.
"Empty root" is only a political structure today. It's been shown that "empty root" provides no security. A "Domain Admin" in any child domain can make themselves into an "Enterprise Admin" fairly easily.
When you ask "Whilst I'm here will domain controllers that are a member of a forest still work if their forest was to go offline?", I think you're asking "What happens if I lose all the forest root domain controllers?"
That would be bad. You might be able to engineer around Kerberos trust path issues that would occur using shortcut trusts, but in general you don't want to lose all the domain controllers in the forest root domain or you're looking at rebuilding the entire forest. Don't do that(tm).
Edit:
You should always try and use a single domain whenever possible. Unless you have the need for multiple password policies (and can't use the granular password policy functionality in Windows 2008 Active Directory) try hard to stick to a single domain.
Empty root doesn't really make much sense today, except in political situations where some part of an organization can't "accept" that the forest root might be "owned" by someone else. (Even then, that's just a bogus political argument because, technically, the empty root strategy has no security "teeth".)
Multi-domain deployments are valid when you need to have multiple passwords or you want to constrain the scope of replication of the full domain NC (or, I suppose, if you wanted to use SMTP-based AD replication). If you don't have those needs, you really don't need multi-domain.
If you really do need isolation between parts of an organization, protection for the AD schema / configuration, and tightly constrained delegation of administration between different parts of the organization then you probably want a multi-forest infrastructure (though this is the most complex and tiresome type to administer).
The first domain you create in a forest is automatically the forest root domain; you don't have to do anything special. Just tell the DCPromo wizard that it is a new domain in a new forest and that's it.