Addresses within the 192.168.0.0/16 (192.168.0.0 to 192.168.255.255) range are private (as in, they cannot be routed to the internet). This means that this address is probably your router. It’s most likely doing your local name resolution. It fallbacks to Google DNS if it cannot resolve the address it’s looking for. It’s a fairly normal configuration.
Using Google DNS is not very private and you could use something such as Unbound to resolve and cache DNS locally.
Also if someone enters your network, you’ll probably have other concerns to worry about, like finding the source of the breach (like an exposed service on the internet). I guess they could poison your DNS cache but I’m not sure if it’s a widespread kind of attack for home networks.
A managed switch allows you to have vlans, routing, QoS, spanning tree protection etc. You don’t necessarily need a gui, a lot of them are cli only, which is preferable but less user friendly if you’re not used to it. Depending on your needs a managed switch can be overkill.