Here, I group backups into two categories: file backup and system backup. You should do both regularly, either at a fixed interval (automatically) or manually when enough changes have occurred.

1. File backup

File backup is a type of backup that copies selected files to another location, ideally to another drive which is well separated from its source. Depending on some parameters involved it can also be more sophisticated than that. For example, you could compress the files, encrypt them, save different versions of files (from different dates) and so on.
This type of backup is usually performed from within the main operating system.

There are several ways to do that. One is to simply copy and paste the files to another drive using your file manager (eg. Windows Explorer).
Then you could use a dedicated backup program. There are many to choose from. Some offer automatic scheduled backups, verification of the copied files and many other features you might find useful.

A backup method needs to be easily accessible, so that you don’t have the excuse of not using it because it’s too much work. There are automatic scheduled backups, which I already mentioned, but another simple way is to copy files with a script using something like Robocopy or FastCopy. If you prefer compression (with a password), I can recommend archiving with 7-zip, which also offers differential backups.

2. System backup

System backup is different, since it usually can't be performed by manually copying a bunch of files. It usually requires a tool, a program that will be able to make an exact copy of the system partition in an intelligent way. Among other things, this means that the system backup will be compressed to take less space. I have had more success with full system backups than with System Restore, which in my experience is not very reliable and has in some cases even messed with the normal functioning of the OS.

Once you have this system partition copy safely stored somewhere (on a different drive) you can use it in case anything goes wrong with the system. Whether some malware infects it or whether the system drive dies and you need to replace it, you can re-use the system partition backup. To do that, you use a bootable recovery tool to either replace the current—compromised—system partition or copy it onto a brand new drive. In both cases you'll get the system back exactly to the same state it was when you made the backup.

To avoid big backups I recommend keeping the system partition (C:\) as small as possible. More exactly: the partition itself doesn't need to be small—free space doesn’t affect the backup size—but you should keep files that don't belong there (movies, pictures, music, ...) somewhere else. Another way to avoid huge backup files are incremental or differential backups. Those contain only the changes (updates, new programs) which were added since the last backup.

There are several tools for this job, such as Macrium Reflect, Acronis True Image, EaseUS Todo Backup etc. Some offer free versions as well. Macrium Reflect is my current favorite, but the free version of Todo Backup has more features, for example incremental backup.
Windows also includes a system backup tool (Backup and Restore → Create a system image), but I don't recommend it, since it can do some unpredictable things, it doesn't compress very well and it doesn’t do incremental backups.

3. Storing the backup files

A proper backup requires copying data from one physical drive to (at least) another. Here, I'll also remind you to occasionally test your drives for errors. Now let's examine the most commonly used media for backups:

1. second internal drive
This is the most convenient option, since it’s always there, ready to be used. Also copying from one internal drive to the next is pretty much the fastest possible way. The downside is that if something happens to your PC, you could lose both copies at the same time.

2. external drive
This can protect you in case of some accident with the PC, if you keep this drive disconnected and away when not in use. With USB 3 or eSATA you can get very good speeds as well. Reliability is generally good. Watch out for extreme temperatures and movement shocks.

3. optical media (CD/DVD..)
Optical media can be cheap and convenient, especially if you don’t need to store big amounts of data. But in most cases it’s also not very reliable. Very often a CD-R or DVD-R will start showing errors only a few years after it was burned (on the other hand, factory-pressed CDs and DVDs are produced in a different way and usually last much longer). Optical media is OK as an additional backup, but I don’t recommend it as the primary backup solution.

4. USB flash drive
A flash drive has the advantage of being smaller than an external HDD. It can also run without additional power, which makes it very portable. You might have to pay a premium price to get fast write speeds, though. Reliability varies a lot. Big amounts of reads and writes can wear them out quicker.

5. remote/online storage
If your house burns down it won't help if you only made local backups. That's why remote backups are a good idea, at least as an additional backup solution. Nowadays it's easy to do them via internet, assuming you have a decent upload speed or you don't need to upload a lot of data. There are several online services that offer some free storage space, like Box, Google Drive, Adrive, Dropbox, OneDrive etc. If you value your privacy and data safety you should encrypt the files with a strong password before uploading them. Any decent archiver will have that option, I can recommend 7zip.

4. Checksumming it up

A final recommendation is to make a checksum of your backup files. In short, it produces a tiny file, which contains a kind of "fingerprint" of the original. Verifying with this will give you the confidence that your files are intact, free of errors and any possible malicious tampering, as long as you use a modern hash function. You might as well go with SHA-512 if you use a 64-bit system (it's faster than SHA-256 in that case). There are many free programs that offer the checksum feature and it's included in Total Commander as well.