It's really easy, in cPanel under "Files" there is this blue arrow that looks like a clock, named "Backup". Click it, then "Download a Full Website Backup". Next, you select where to save the compressed backup file (which also includes all databases). Can either be your home directory, so you can download it from your MDD FTP account once finished (leave e-mail notification checked) or directly upload it to a remote FTP server. Secure copy (SCP) is another option, it transfers the backup between hosts in SSH mode (if you don't know what this is, don't bother, pretty much a "pro" option). Voila, you got a full backup of all sites residing in your cPanel account.
Please note that a full backup isn't something you can restore via cPanel yourself, only the host can.
You can also use the "Backup Wizard", it's the same like "Backup", but step by step instead of all on one page.
Important: Most will probably use the option to put the backup in the home directory. Don't forget to download it via FTP. Delete the file from the server after downloading it, it's just wasting space and keeping a backup in the account you backed up is pointless. For maximum security, I'd recommend 3 backups: The ones MDD does anyway, one locally on your harddrive, one remote backup (Dropbox, remote FTP server, whatever).
As far as the backup on your local hardrive and the remote backup are concerned: Keep different versions, like the last 4 if you do weekly backups. Imagine your site gets hacked, e.g. Wordpress because you used an insecure third party plugin, a really insecure password like "password" and "admin" as username, etc. It's something the best host can't 100% prevent. You do a backup and recognize the hack 2 days later. Now, before fixing the backdoor the attacker used, you want a clean backup in place and if your last backup isn't clean and it's the only one you have, this means avoidable additional work.
Hope this helps.