A logout should log you out .
If you want to prompt the user ('are you really sure you want to log out?') is up to you. Most sites don't.
If the user is on a 'logged in only' page when he logs out, then you should redirect him to a 'visible to all' page (the home page for example). If he is on a 'visible to all' page already, there's no need to redirect.
How? All three methods you list seem ok to me. The first is the most drastic. If you store other information in the session as well that you may need even if the user isn't logged in, then I'd go with 2 or 3.