|Cyber defence exercises (CDX) represent a popular form of hands-on security training. Learners are usually divided into several teams that have to defend or attack virtual IT infrastructure (red vs. blue teams). CDXs are prepared for learners whose level of skills, knowledge, and background may be unknown and very diverse. This is evident in the case of high-profile international CDXs with hundreds of participants coming from government agencies, military, academia, and the private sector. In this poster, we present techniques of distribution of learners to teams with respect to their level of proficiency and prerequisite skills required by the exercise. Our aim is to reach the balance between the proficiency and the exercise to make the exercise beneficial for the learners and effective investment for sponsors. The poster describes three methods and compares their advantages and disadvantages. First, we present self-assessment questionnaires that we already used in four runs of a national CDX for 80 participants in total. We outline our findings from analysis of self-assessment of learners before and after the exercise, and the score they reached during the exercise. Second, we introduce a promising method of testing prerequisites of the exercise. This is still a work in progress but we believe that this method enables better assessment of learners’ skills with respect to the exercise content, and supports better the game balance. Finally, we compare both methods to a naive one that shuffles participants to the teams randomly.