All nodes maintain a full copy of the blockheaders.   If you can prevent a node from obtaining a block then you can denial of service the validation of the chain but you can't trick a node into thinking a block doesn't exist.  An attacker can't fake the content because that would require a preimage of the blockhash.  If one peer refuses to provide a block, you can ask another peer.  If all of them also refuse you can connect to new peers.  If you are unable to find a single peer to provide the requested block then you can't validate the chain but the attack is limited to a denial of service.  If a full node hasn't received all the blocks then it hasn't synced and it can't validate transactions.  It should not provide unvalidated information to the user.

With the blockheaders of the longest chain a node knows the full set of blocks that exist.  It may not know the contents yet but it already knows they exist.