After constraint 1, this devolves to a weird game of "does the interviewee realize I don't consider `getent hosts` to be a 'common networking utility' so it's still available?"
Except it's... not quite correct. getent performs NSS resolution, not DNS resolution, so its output depends on the value of the hosts field in your /etc/nsswitch.conf, which could be set to something fun like LDAP or something else.
I don't know Kubernetes, so it's very possible that Kubernetes enforces that name resolution is always DNS and only DNS (a "hosts: dns" line in /etc/nsswitch.conf, without any additional stuff like files which would mean resolution via /etc/hosts), in which case getent is indeed correct, but in the general case, there is no system-intrinsic tool that tests DNS only, and you have to use something like dig.
For DNS, my favorite interview question goes like this,
How would you verify DNS is resolving from within a pod on Kubernetes?
After listening to the answer, add some constraints:
1. Common networking utilities like ping, nslookup, dig, etc are not available
2. Container user is unpriviledged
3. su/sudo do not work
This can lead to some elaborate k8s troubleshooting or the simple, and correct, answer of getent hosts.